SYSPRO Authentication

Ensuring robust security measures within your ERP system has never been more critical in today's ever-evolving security landscape.

To safeguard sensitive data and protect against potential breaches, we offer three powerful authentication capabilities:

 

 

Discover how these cutting-edge authentication methods fortify your system against unauthorized access and bolster your organization's security posture:

SSO Identity Provider Integration

Available from SYSPRO 8 2023

Enhancing user convenience while fortifying system security, the SSO Identity Provider Integration feature empowers users to access SYSPRO using trusted identity providers, creating a unified and secure authentication flow.

Once authenticated, SYSPRO users are automatically logged in, without them having to enter the traditional SYSPRO username and password.

Suitability

  • Each Identity provider allows various additional validation over the traditional user name and password, including the use of authenticator applications, and other forms of Multi-Factor Authentication. These providers are often already in use across the organization, so users are already comfortable using these common dialogs.

  • The SSO Identity Provider Integration works across the SYSPRO Desktop and SYSPRO Web UI (Avanti) user interfaces, providing a consistent experience across SYSPRO interfaces and the rest of the organization.

SSO using Active Directory

Available from SYSPRO 8 2019 R2

SSO using Active Directory in SYSPRO provides a simple to setup and robust method of using Microsoft Active Directory (AD) to control SYSPRO users.

Once configured, it enables a complete single sign-on experience as SYSPRO users are authenticated by Microsoft Windows and then simply use a shortcut to run SYSPRO without being prompted for a user name and password at the login screen.

It means that a SYSPRO site can use Microsoft Active Directory (AD) to add, change, disable and delete operators virtually seamlessly. Any changes to user attributes automatically reflect against the SYSPRO operator without manual intervention.

Suitability

  • This method is ideal for sites using the SYSPRO Desktop user interface, as each user has to login to their Windows client environment. This option allows a site to leverage the user authenticated by Windows to login to SYSPRO.

  • This option is not suitable for users using the SYSPRO Web UI (Avanti) as users can connect via any device (such as a phone or tablet) where Windows authentication is not appropriate.

Multi-Factor Authentication

Available from SYSPRO 8 2019 R2

Multi-Factor Authentication is a process that identifies a user by validating two or more authentication methods from independent credential categories. This ensures that a user is only granted access after successfully presenting two or more pieces of evidence to the authentication mechanism.

In SYSPRO, the traditional user name and password has been bolstered by the addition of Email and Google authentication to improve security during the login process.

  • Email authentication sends an email to MFA-defined operators containing a Time-based One-time Password (TOTP) required as part of login verification.
  • Google authentication uses an app to generate a QR code for first time user configuration and a Time-based One-time Password (TOTP) is required as part of the verification process for subsequent logins.

Suitability

  • This method is ideal for sites that use the SYSPRO Desktop interface, but that do not want to use either of the Single Sign-on options described above.

    It allows an additional authentication method, over and above the traditional user name and password, thereby establishing an additional layer of protection against potential threats.