Accelerate Your Business
with Ceptor Single Sign-On

Get White Paper

Improve Usability

Single Sign-On (SSO) allows your users to access all your enterprise applications with one login.

Increase Security

Your users do not need to remember or write down numerous login credentials.

Boost Productivity

SSO simplifies the login process by not interrupting your users with login to each application.

What Makes Ceptor SSO Unique


No matter how your users are authenticated, Ceptor can use SAML 1.1 or 2.0 to federate the user's identity to third parties. Provided claims can be customized and tailored to each federated party.

Ceptor can also act as a relying party, using SAML to accept authentication from other SAML Identity Providers.

Microsoft ADFS

You can setup Ceptor to use Microsoft ADFS as an identity provider, or you can federate identities from Ceptor to third-party ADFS relying parties.

Ceptor supports WS-Federation, WS-Trust, SAML 1.1, SAML 2.0 and OpenID Connect protocols when communicating with ADFS.

OpenID Connect / OAuth

Like with SAML, OpenID Connect can be used to federate users identity between systems. Ceptor can act as an OpenID Provider or as a resource server / relying party either federating identity to third parties, or accepting federation from other OpenID Connect providers.


Kerberos can be utilized for easy Single Sign-On in intranet environments. Ceptor supports Kerberos with optional NTLM fallback to enable zero-prompting Single Sign-On with workstations already authenticated on intranet domains. 

Session Sharing

Ceptor signs a user into a session no matter the authentication method used and can share that session with applications protected by Ceptor Gateway. Usage of the shared session allows for shared sign-on as well as shared sign-out.

Ceptor can be configured to hide individual application/server session cookies from the browser, ensuring only a single session is visible to the browser/client no matter how many separate applications are accessed. Furthermore, Ceptor can be configured to support cross-domain cookie sharing.

Multi-Factor Authentication

With Ceptor Gateway, you can combine different types of authentication, e.g. authenticate users using multi-factor authentication and then use Kerberos to authenticate to backend applications/servers that do not know how to handle multi-factor authentication.

Using multi-factor authentication, you can combine the ease of authentication using e.g. Kerberos with the additional security of step-up authentication by prompting for additional factors depending on your configured protection level.

All Users

Ceptor is build to support all your users: customers, employees, partners and even your devices.

All Applications

Ceptor integrates with your enterprise applications across any platform both on-premise and in cloud.

All Devices

Ceptor enables access for all devices: laptop, tablet, smartphone and IoT devices.

Ceptor Single Sign-On

Ceptor Setup

Ceptor offers Single Sign-On as part of a comprehensive security setup

  • Ceptor Server

    Ceptor Server is split into a number of separate deployable modules, including Ceptor Console giving you options to combine or distribute across as many servers as you require.

  • Ceptor Gateway

    Ceptor Gateway is a fully asynchronous standards-based Reverse Proxy Server, Ceptor Gateway is deployed in front of your applications, protecting them from unauthorized access.

  • Authentication Plugins

    Ceptor supports virtually any kind of authentication. Multiple pluggable authentication methods can coexist. The application can freely choose which ones to use.

  • Application Server Plugins

    Ceptor Application Server Plugins, which are clients towards the Ceptor Server, enables you to have deep integration with any application server.

What will Ceptor cost me?

Design your desired configuration to enable us to quote your Ceptor

Contact us