Select region

Accelerate your business with Ceptor SSO

Single Sign-On (SSO) allows your users to access all your enterprise applications with one login. Furthermore, it increases your security through password requirements by relieving users of remembering numerous login details. SSO simplifies the login process by not interrupting your users with login to each application.




No matter how your users are authenticated, Ceptor can use SAML 1.1 or 2.0 to federate the user’s identity to third parties. Provided claims can be customized and tailored to each federated party.

Ceptor can also act as a relying party, using SAML to accept authentication from other SAML Identity Providers.

OpenID Connect / OAuth

Like with SAML, OpenID Connect can be used to federate users identity between systems. Ceptor can act as an OpenID Provider or as a resource server / relying party either federating identity to third parties, or accepting federation from other OpenID Connect providers.

Session Sharing

Ceptor signs a user into a session no matter the authentication method used and can share that session with applications protected by Ceptor Gateway. Usage of the shared session allows for shared sign-on as well as shared sign-out.

Ceptor can be configured to hide individual application/server session cookies from the browser, ensuring only a single session is visible to the browser/client no matter how many separate applications are accessed. Furthermore, Ceptor can be configured to support cross-domain cookie sharing.

Microsoft ADFS

You can setup Ceptor to use Microsoft ADFS as an identity provider, or you can federate identities from Ceptor to third-party ADFS relying parties.Ceptor supports WS-Federation, WS-Trust, SAML 1.1, SAML 2.0 and OpenID Connect protocols when communicating with ADFS.


Kerberos can be utilized for easy Single Sign-On in intranet environments. Ceptor supports Kerberos with optional NTLM fallback to enable zero-prompting Single Sign-On with workstations already authenticated on intranet domains. 

Multi-Factor Authentication

With Ceptor Gateway, you can combine different types of authentication, e.g. authenticate users using multi-factor authentication and then use Kerberos to authenticate to backend applications/servers that do not know how to handle multi-factor authentication.

Using multi-factor authentication, you can combine the ease of authentication using e.g. Kerberos with the additional security of step-up authentication by prompting for additional factors depending on your configured protection level.

All-in-one solution

Ceptor is build to support all your users: customers, employees, partners and even your devices. Furthermore, Ceptor integrates with your enterprise applications across any platform both on-premise and in cloud. Last but not least, Ceptor enables access for all devices: laptop, tablet, smartphone and IoT devices.

Ceptor Setup

Ceptor offers Single Sign-On as part of a comprehensive security setup.

The Ceptor Server is split into a number of separate deployable modules, including Ceptor Console giving you options to combine or distribute across as many servers as you require. Addtionnally, Ceptor Gateway is a fully asynchronous standards-based Reverse Proxy Server, Ceptor Gateway is deployed in front of your applications, protecting them from unauthorized access. 

The solution supports virtually any kind of authentication. Multiple pluggable authentication methods can coexist. The application can freely choose which ones to use. Ceptor Application Server Plugins, which are clients towards the Ceptor Server, enables you to have deep integration with any application server.