Best practice for SSO sign-in to application - Embedded or external window?




  • We're currently in the middle of redesigning our agent app and we're wondering what the best practice is for signing in to the agent using SSO.

    The main flows we found are:

    1. External browser window where the user should choose his account and continue back to the agent.
      Advantage: The information is stored in the browser so the user just needs to choose his account.
      Disadvantage: The user must interact with another screen in order to complete the sign-in flow.
    2. The whole flow is embedded inside the agent.
      Advantage: The user interacts with the flow inside one screen, "step by step".
      Disadvantage: The user must sign in to his SSO for the first time through the agent because the agent didn't store his information cookies.


    Example of the first flow, Slack:


    Step 1: Click the "Sign in to Slack" button.

    Step 2: A new browser page opens; the user should click the "Continue with Google" button to sign in via SSO (or use the sign-in fields).

    Step 3: Another "small" page opens where the user should choose the relevant account and sign in.

    Thank you very much.



  • I recommend using the first flow and in my opinion it is pretty much standard nowadays for the modal with various accounts to pop up when signing in.

    Alternatively, you can embed the flow and tell the user beforehand that they need to log in ("You will have to log in to (...)"). However, this will add more steps and make the task longer to complete.

    Here is a really great article for further reading: https://uxdesign.cc/designing-a-user-friendly-login-25855ae0cc88


