PRISM offers Single Sign-On (SSO) as an authentication process for jurisdictional users.  With this feature, your enterprise identity manager will authenticate users for your jurisdiction and inform PRISM whether to grant access for your jurisdictional users.  This is a formal integration, so IT professionals will be required to do the configuration and rollout.

Note:  PRISM does not support SSO for vendors.

PRISM uses Azure B2C AD as a service provider.  It uses federated SSO with SAML 2.0.  PRISM's SSO is capable of connecting to multiple providers (on premise ADFS, Azure, Office 365, etc.).  There is a two step process involved in making SSO work for you.  First, there is jurisdiction enrollment.  Secondly, the PRISM Administrator approves the enrollment.

The Process

Jurisdiction Enrollment

1.Share the (PRISM generated) enrollment link with a jurisdictional end user

2.The end user logs in with their enterprise login credentials (the user is challenged by their enterprise log in process, not PRISM's)

Sample enrollment email (step 1)

Sample enterprise login during enrollment process (step 2)

SSO Approval

1.SSO Administrator logs into PRISM

2.Find the list of enrolled SSO users (Configure-->Users)

3.Approve the user for SSO usage

Sample list of enrolled users (step 2, 3)

Once the enrollment and acceptance process is complete, users no longer need to log into PRISM.  Simply visit the jurisdictional custom landing page, and the SSO process takes care of the rest.