Why: Currently in Mambu all users are stored in tenant DB. An usual case for large organizations over (100 members) is to manage the users and their access to resources using centralized points of storage for user security details(AD / LDAP). All required access and permissions are validated agains the AD / LDAP. When coming in touch with Mambu they have to break the security policies and extend tolerance on duplicatind security details of users in Mambu in order to provide access to their users to Mambu platform.
What: Create an integration layer able to talk with ADs / LDAPs in order to authenticate and authorize users. In tenant DB we can store the user with his rights with no credential just to have him ready to go in the platform.
Impact: This will became one of the most frequently asked about login Qs while dealing average or big sized organizations.
SSO comes in extension of the above. The user is asked for credentials just one time. After authentication and authorization he can access any app in the environment with no necessity to fill in the credentials again.