Login diagram
dScribe supports multiple authentication methods to ensure secure and flexible access for users. Whether logging in via Single Sign-On (SSO) or passwordless authentication, the platform provides seamless integration with company-specific access controls.
Logging in with SSO
To use SSO authentication, you must first set up an SSO provider, which is linked to a single company. Once configured, users can sign in through the SSO provider. If a user attempts to log in via SSO and is successfully authenticated, dScribe can dynamically create a user account, eliminating the need for manual user provisioning.
For managing access to different parts of the platform, OpenID groups can be mapped to specific permissions. In Catalog, OpenID security groups can be linked to teams and access policies, ensuring users have the appropriate level of control. In Guide, OpenID groups can be mapped to workspaces, granting structured access to relevant content areas.
Setting up Single Sign-On (SSO) integration between dScribe and your Identity Provider
To setup an new identity provider, navigate to your organization settings.
You will not be able to see these settings if you are not a company owner.
Click the Add SSO provider button and fill in the required fields. For more details on integrating Azure Entra ID, click here.
Logging in with Passwordless Authentication
With passwordless authentication, users receive an email containing a unique login link (this link will be valid for one hour). After clicking the link, if they have access to multiple companies, they must select the company they wish to log into before being redirected to the dScribe web application. This method offers a secure and convenient way to sign in without needing a traditional password. However, passwordless authentication can be disabled at the company level, requiring users to log in via SSO instead.
Switching Between Apps and Companies
Within the application, users can navigate between different dScribe apps using the app picker.
If a user switches to a company that has disabled passwordless login, they will be prompted to re-authenticate via that company’s SSO provider. This ensures that security policies are consistently enforced across all organizations using dScribe.
Some concrete examples
Some concrete examples
1. Direct Access for Single-Application Users
If you only have access to one dScribe application, such as dScribe Guide or dScribe Catalog, you will be automatically redirected to that application upon login.
👉 Example: Bob, an HR professional who writes onboarding documentation, only has access to dScribe Guide. When he logs in, he is immediately taken to dScribe Guide without needing to make a selection.
2. Application Selection for Multi-App Users
If you have access to multiple dScribe applications, you will be directed to an overview page where you can choose which application to access.
👉 Example: Alice, a Data Steward, has access to both dScribe Catalog and dScribe Guide. When she logs in, she sees an overview page with buttons for both applications and can decide where to go next.
3. Session Expiry and Returning to the Previous Page
For security reasons, dScribe sessions expire after a period of inactivity, requiring users to log in again. When logging back in, users are redirected to the page they were last on.
👉 Example: Alice was working in dScribe Catalog but went on holiday. When she returns and refreshes her browser, she is prompted to log in again and is redirected back to dScribe Catalog where she left off.
4. Multi-Company Access for Consultants
Users working across multiple organizations can select which company's dScribe environment they want to access upon login.
👉 Example: Nick, a Data and Analytics consultant, works for multiple companies that use dScribe. When he logs in via a magic link, he is prompted to select the company he wants to access before being directed to dScribe Catalog.
5. Single Sign-On (SSO) for Secure Environments
Some companies enforce Single Sign-On (SSO) for authentication. When logging in with SSO, users are automatically directed to the appropriate application without extra steps.
👉 Example: Nick gains access to The Totally Secure Company’s dScribe Catalog. Because this company requires SSO, he logs in with his corporate credentials and is immediately redirected to dScribe Catalog.
6. Switching Between Company Environments
Users with access to multiple company environments can switch between them using the Application Launcher. If an organization enforces SSO, authentication is required before switching.
👉 Example: Nick is working in The Company’s dScribe Catalog but needs to switch to The Totally Secure Company’s environment. He selects dScribe Catalog from the Application Launcher, chooses the company, and is prompted to authenticate via SSO before being redirected.
7. Seamless Switching Between Applications
If you have access to multiple applications within the same company, switching between them is simple and doesn’t require re-authentication.
👉 Example: Alice is working in dScribe Guide but needs to document some definitions in dScribe Catalog. Using the Application Launcher, she selects dScribe Catalog and is immediately redirected.