Authentication

We currently support three ways to authenticate your users. We implement our IAM through a well-respected party: Ory.

1. Social sign-in

The easy and safe way to enter our systems: We currently support one-click onboarding with Microsoft and GitHub accounts. We require you to validate your email address to ensure we can actively inform you of any security concerns. We validate your email address by requiring you to click a confirmation link sent to your inbox during the onboarding process.

Pros:

  • Very easy to start: one click.
  • You don’t need to remember a password.

Cons:

  • You need an account with either Microsoft or GitHub.
  • Some more corporate companies block this mechanism.

2. Enterprise SSO (Couple your own identity provider)

Bigger companies often want a direct integration with their own IdP (Identity Provider): we support this option through OIDC. We use the well-respected Ory B2B implementation. Contact our sales or support team to discuss the way forward.

We can identify users belonging to your organization based on their email domain (e.g., @yourcompany.com) and direct them to your identity provider.

Pros:

  • Only allow users that authenticated through your own identity provider (e.g., your own Azure Entra ID, Google Workspace, etc.). This blocks other ways to authenticate, which is often desired by bigger companies.
  • Users leaving your company automatically can’t log in to Viya anymore since we block other means of authentication.

Cons:

  • Your IT department needs to perform some configuration (it’s not hard!).
  • Your users require an email address that ends with one specific domain (e.g., all users must have an email address ending in @yourcompany.com).

3. Password

If the other methods are not suitable, you can still configure a username and password. Your username is your email address, and we do require you to validate the email address.

Pros:

  • Simple to understand and set up for individual users.

Cons:

  • An older mechanism that is generally not the safest way due to risks like weak passwords, password reuse, and phishing.
  • You need to remember your password.