SSO/Login & User Permissions
      Back to home
      1. Help Center
      2. Payer Knowledge Base
      3. SSO/Login & User Permissions

      Why Single Sign-On (SSO) Is Critical for Secure Access to PaymentWorks

      Single Sign-On (SSO) is more than just a convenience—it’s an essential part of securing access to PaymentWorks. This article explains why SSO is important, the risks of not using it, and what to do if your organization doesn’t currently have an Identity Provider (IdP).

      What Is SSO?

      SSO (Single Sign-On) allows users to access multiple systems using one secure set of credentials. These credentials are managed by your organization’s Identity Provider (IdP), such as:

      • Okta

      • ADFS

      • Shibboleth

      By centralizing user authentication, SSO simplifies login and strengthens security.

      Risks of Not Using SSO

      If your organization relies on direct logins (email and password), several risks can arise:

      • Credential Theft
        Password-based logins are more vulnerable to phishing and password reuse attacks.

      • Unmanaged Access
        It becomes difficult to remove access for former employees or third-party users.

      • Increased Fraud Risk
        Without strong authentication, unauthorized users may gain access to sensitive information or perform prohibited actions.

      • Limited Auditability
        Without SSO, it’s harder to track and attribute user activity, which can complicate compliance and incident response.

      If Your Organization Doesn’t Have an IdP

      You can still use PaymentWorks, but there are some important considerations:

      • A System Administrator will need to manually manage access for any users not linked to your IdP, including shared or group email addresses.

      • Your organization will be responsible for monitoring user behavior and ensuring the security of those accounts.

      • We highly recommend evaluating IdP solutions to align with current security and compliance standards.

      Best Practices for Secure Access

      To maintain a secure and efficient environment, we recommend the following:

      1. Use SSO for all user access wherever possible.

      2. Centralize identity management through your IdP.

      3. Avoid shared credentials or unmanaged user creation.

      Implementing SSO helps protect your data and provides a smoother experience for everyone using PaymentWorks.

      For additional support or if you encounter issues, please contact PaymentWorks Support.