FEATURE BLOG POST: Role and user benefits of a Single Sign-On Service for the SmartWork system

October 2019: Dr. Dimitrios Amaxilatis, from Spark Works, explains how the SmartWork Single Sign-On service will provide a positive user experience and manage access to user data.

As a modern cloud-based application, SmartWork is composed of multiple components and modules that interact with each other, and with end-users. This interaction on modern microservice-based applications needs to be under a single account and access management component to offer a more satisfying experience to end-users and ensure that their data is well protected and safe.

The SmartWork Single Sign-On service will be used by all users that will participate in the semi-controlled and field trials of the project in 2020 and 2021. It allows users to use the SmartWork components easily, with a single account, keeping track of their data and monitoring their activity from a single point. Its role in SmartWork is twofold:

  • On the one hand, it is used to provide access to end-users, through a normal password-based authentication mechanism, allowing them to enter the various sub-systems that will be developed during the project from all their devices (web, desktop and smartphone applications).
  • On the other hand, it permits us to define multiple roles and levels of access across all sub-systems, based on the personas [such as ‘Beatriz’, presented in last month’s Feature Blog Post] of each user of SmartWork.

In brief, the first SmartWork access roles, derived from the corresponding personas, are the workers, the carers and the employers. Each user needs to access different services, interacts with specific other users, and even sees different views of the same data collected by the SmartWork platform.

Additionally, the SmartWork Single Sign-On service is responsible for managing access to user-data that is collected and stored in the SmartWork systems (i.e. personal data, work data, sensor data). Each service, internal or external, needs to be registered and approved by the SmartWork administrators. Once it is approved, it can interact with the rest of the SmartWork services following the well- established OAuth 2.0 (https://oauth.net/2/)  industry-standard protocol for authorization.

The semi-controlled and larger field trials to take place at the offices of Cáritas Coimbra and Aarhus Municipality in 2020 and 2021 will obtain feedback from users on their experience of the Single Sign-On service and assess its overall effectiveness in managing access to the SmartWork system.

Keep up to date with SmartWork progress @SmartWorkEU and Sign Up to the Newsletter.

Questions? Contact smartwork@echalliance.com