Skip to main content

Hi friends - We made an update to our SSO authorization, limiting the permissions and amount of data inSided (and other apps we use SSO auth. for) has access to, to help address some valid security concerns some of our customers raised. I’ve attached a screenshot of our current auth. page, but I want to update the “Access your account information” language to be more clear and get ahead of further security concerns folks may have. Any good examples of language you use or have seen?

 

 

Hey @Chris Anderson - this is a great topic, and one that has been peripherally in my mind as we start to enable SSO with various platforms. Unfortunately, I don’t have any good sample language, but wanted to follow along to hear from others. Thanks for asking this. 
-Cass. 


I am by far not an expert on this, so I am just sharing my 2 cents here. I have rarely seen messages like these, despite having worked with dozens of communities using SSO. On the other hand, I often skip the SSO registration as we have our own inSided access to log in to your front end, that might explain why I did not come it across that often. ;)

As a user, I would probably appreciate a bit more detailed / practical information on what that means. Maybe something like:

- Use your accounts’ email address to inform you about new content in areas you've subscribed to

I like that you include a link to a post about how you authorize access. You could also include a link to a users profile settings (so they can manage their email notification settings), or simply inform them that they can at any time adjust and disable such notifications.

Next to that, you could also stress that this information is only being used for messages with informational purposes, and that this information is not being used for any other purposes.


Thanks @Julian! From the feedback we’ve heard so far, the concerns aren’t related to receiving emails, but more so IT/security concerns about a new tool (Insided) having access to their (Guru) account information. We’ve made some updates to the language so hopefully those concerns are minimized now :) 


Reply