Nimonik is a developer and provider of state-of-the-art Environmental, Health and Safety, and Quality management software services for all types of industries and institutions. Our applications are provided as a service via the web and mobile app interfaces.
We have an immediate need to improve our products by providing Single Sign On (SSO) capabilities for our large corporate clients as well as maintaining the existing username and password access for most customers.
We wish to hire a consultant or consulting company that has experience in adding SSO to existing SaaS products to build an SSO solution for our applications. The contractor must also provide the documentation that our customers’ IT department can use to add and maintain their users on our application via the SSO solution.
Our applications run on servers with Ubuntu OS at Amazon Web Services.
Our application stack:
- Rails 4.2 (soon 5.0) / Unicorn / Ruby 2.3
- MySQL/Redis cache/Sunspot Solr search
- Continuous integration setup with RSpec/Cucumber/Jenkins
- token-authenticated JSON API serving iOS and Android client apps
We use the Ruby gem Devise in Rails for authentication, the latest available version (4.4.3 at the moment). Devise is currently configured with a DB backend only (user/hashed_password in users table).
We wish to keep the DB authentication backend for most users, while moving selected corporate accounts to SSO authentication. The SSO implementation also needs to facilitate user invite and creation against the SSO server.
Customer accounts on our application share the same database. Thus the SSO solution will need to keep accounts segregated. We are looking for recommendations from the consultant hired on methods to use for segregation, such as subdomains for each SSO customer.
Most of our corporate customers have Microsoft networks with Active Directory Domain Services. Thus the SSO solution must make it easy for these customers’ IT departments to control access to our solutions. We expect the contractor to have access to a test Microsoft network to test and document the SSO solution.
Based on our application environment and requirements, we wish the consultant to select the best currently accepted protocols and technology (CAS vs. SAML vs. OAuth2) for the SSO. Initially the SSO solution will be for our web interface, but the solution must have the capability for our mobile app (iOS and Android) developers to integrate the SSO solution into these mobile applications.
- must have previous experience in adding a Single Sign On solution to Ruby on Rails applications using the current industry accepted protocols.
- must have previous experience in adding Single Sign On solution to Ruby on Rails applications using the current industry accepted protocols.
- must have servers with Microsoft networks with Active Directory Domain Services (with primary domain controller)
- 3+ years of Ruby/Rails programming experience
- Development experience with the Ruby Devise Gem. Experience with CanCanCan gem will also be a benefit.
- Test-oriented (RSpec/Cucumber)
In your response to this contract request, please describe the SSO solutions that you or your company have done that best match our SaaS application.