Products and Solutions
 EMA® Mail
 EMA® Cyber Defense
 EMA® Print
 EMA® Scan
 EMA® File
 EMA® Voice
EMA® for SAP Solutions
 SAP Metadata
 SAP Live Migration
 SAP Scan
 S/4 HANA Relief
ARTEC SMART Integration Tools
Firegate VPN
eDiscovery Solutions
Case Management
VSTOR® Vault
 Product Details
 Object Storage
ARTEC Cloud Solutions
 Cloud Models
 Managed Services
 Microsoft 365
Mailserver migration
Microsoft 365 tips
EMA® is Easy to Use
Data Formats
Protect Your Investment
Comprehensive Archiving
Storage Technology
Data Security Concept
Protection Against Cyber Attacks
Big Data - Knowledge is Power
Software Architecture
Single Sign-On
Folder Synchronization
User Access
Full-Text Search
Backup and Recovery
ANA Server
Trusted EMA®
Hot Standby
Digital Signatures
Attributes and Metadata
Department archives/Linking
Federated Search
Retroactive Archiving
WAN Synchronization
EMA® DeDup Server
EMA® App
Outlook extension
Good to Know
Legally Compliant Archiving
Protecting Personal Information
Why WORM Is No Solution
Problems with certifications
Stubbing - (Not) A Solution
Who Uses EMA®?
Why Bother with Archiving
Benefits of an Appliance
Dealing with private e-mails
Laws and Regulations
Overview of the Most Important Regulations
General Data Protection Regulation (DSGVO)
Right to be "forgotten"
Events and Webinars
Press Releases
Press Review
Partner Program
Partner Portal
ARTEC Promotional Program
ARTEC Expert Network
Services & Support
Consulting Services
Technical Consulting
Software Development
Software Subscription & Warranty
Product Support
Company History
Green responsibility
Where to Find Us
Job Openings
Terms and Conditions
Protected Trademarks and Patents
Information for Investors
Privacy Policy
Corporate Information

Single Sign-On

EMA® supports user authentication using single-sign on (SSO) to allow secure access to the archive while remaining comfortable to use for users.

Using this authentication method, users can access the archive directly from their e-mail client after successfully logging on to their workstation.

Additional means identification, such as a separate username and password prompt, are no longer necessary and will not be shown if authentication succeeds. This makes working with the archive extremely convenient for users while not at all compromising the system's security.

Logging in via the EMA interface is no longer necessary with the Single Sign-On feature.

Technical details on single sign-on procedures

In a Microsoft Office 365 environment, with the one-time creation of an Azure App, access is easy and secure for all users through Azure Active Directory. Here, OAuth2.0 is used to realize the communication between Microsoft Graph and EMA.

In a hybrid environment (user mailboxes at O365 and locally), it is also possible to handle local user management via Azure AD (provided it is synchronized with the local LDAP server).

If EMA is located locally as an appliance in a customer infrastructure, it is connected to the local directory service via LDAP / Kerberos if possible and thus also offers true single sign-on.

In addition to true single sign-on, EMA also offers many other ways to implement centralized logon using a variety of authenticator methods. For example, the system supports LDAP (Lightweight Directory Access Protocol), OpenLDAP, Active Directory, Radius Server and HTTPs client certificates for logging in via SmartCard and even a customizable ticket server to integrate other logon systems. By live polling of authentication data checked against the existing system, the process ensures the highest possible access security and centralized account management, even when EMA checks against an existing system via POP3, IMAP, CIFS or FTP.

If even such exotic login methods and integrations are out of the question, EMA can also assign its own passwords and send them to users via welcome emails.