In any innovation program, employee engagement is critical for success. Employees drive the ideas and discussion that lead to results. We posted recently about one way to keep participants engaged, with a responsive design that supports a user’s contributions from any device. This post focuses on another important way to keep engagement high, by making it easy for participants to sign in and reducing the friction that forgetting a username or password can create.
In 2013 we added three new methods for logging into Kindling: SAML, Google and Yammer authentication. Not only did we make it easier than ever to access Kindling, but we also integrated with many of the SaaS enterprises that are already part of your daily workflow. The key factor common to all of these integrations is that they enable you to take advantage of your already-existing identity stores. This means no work maintaining a separate user store for Kindling and easier access for Kindling participants, who can log in without having to keep track of yet another username and password. We’ve all seen that familiar “forgot your password” message and then either spent 5 minutes resetting the password or given up completely and moved onto another task. Since innovation software is dependent upon social interaction, it’s crucial to get this first step right. After all, you can’t crowdsource without the crowd!
SAML Authentication
SAML has become an industry standard for authentication and is growing in acceptance in enterprises. It is a secure mechanism for communicating login information between two parties, an ‘Identity Provider’, which manages the identity information for everyone at your organization, such as usernames and passwords, and a ‘Service Provider’, in this case Kindling. When a user logs in with SAML, behind the scenes, they are initiating communication between these parties to verify their identity and log them into Kindling. SAML doesn’t access your user information directly, instead, SAML only asks for verification of particular users. SAML bypasses issues of a direct connection to the server in a corporate network and this makes it more secure than LDAP or Active Directory.