Hi,
not sure if this is the right category for it, given that it’s not really a question, but:
I just bought an Advanced License specifically because Single Sign-On was advertised, only to find out after activating my license that what is supported is not Single Sign-On, but only LDAP.
I found this thread, “Setting up Single-Sign-On for AMP”, which shows me that there is clearly a huge misconception here and the false marketing likely isn’t intentional.
However, unlike stated by the Staff member in the above thread, LDAP is not a Single Sign-On mechanism. LDAP is a Same Sign-On mechanism.
Other mechanisms like OIDC and SAML are indeed Single Sign-On, and hence something along those lines is what I expected.
Or, as explained by Amazon (What is SSO? - Single Sign-On Explained - AWS):
“Single sign-on systems require a one-time authentication from the user. Once logged in, the user can access other web applications and services without re-authenticating themselves. Meanwhile, same sign-on requires the user to repeat the login process each time with the same authentication credentials.”
LDAP only syncs the username/password, and allows someone to authenticate with the same user in multiple places. This is, however, not Single Sign-On, as one still needs to authenticate against AMP separately.
All I ask is to please adjust the wording on the description of the advanced edition to properly reflect the state of things. In the above thread it was also said that OIDC and similar are planned for the future, so I’ll stay with the advanced license - but nevertheless it is very misleading and technically false marketing.
It does seem obvious that this was not out of malice but just an accident, but it should still be adjusted.