David van de Maas from ngage tells.
‘‘Right when it became possible, our organization set up a federation through SAML with ClockWise.’’
‘‘In short, the web is based on Single Sign On across domains. The service provider ClockWise (SP) leaves the authentication to the identity supplier (Identity Provider or IDP). SAML is based on trust, a trust between IDP and SP.
Here the user experiences it as a real Single Sign-On, once logged in to our portal and you will no longer be asked for a name and password to use ClockWise.’’
‘‘Ngage specializes in Identity & Access Management. SAML is an important part of Access Management and we frequently implement it in our relationships. From government services to publishers and from Cloud applications to web shops.’’
‘‘Clockwise is one of the business-critical (financial) applications. The time registration and the invoices that are generated are an important part of the business.
The use of a federation through SAML provides a few important benefits.’’
‘‘In our view, business-critical applications should be protected with more than just name and password. Multi Factor Authentication (MFA) is used for this, so name/password and a token, sms, Yubikey or smartcard etc. The implementation of MFA on all used systems and applications can, however, produce a complex whole. There are many solutions, not every application knows all methodologies. By using one (1) source of authentication, namely our IDP, only one password policy has to be enforced in one place and only an MFA solution needs to be used on that system. In addition, SAML is also extremely suitable for enforcing central authorizations.’’
‘‘The technical or functional administrators of an application such as ClockWise do not have to reset passwords, or set up self-service or make procedures for this.’’
‘‘Not only will a user not have to enter a password for each application, but the user will not have to change his or her password in various systems either.’’
‘‘The use of SAML can vary from very easy to extremely complex. This complexity is mainly caused when the message traffic contains very specific parts. However, the SAML (2.0) standard has been around since 2005 and is a widely used methodology that has already fully crystallized it.’’
‘‘The SAML link with ClockWise falls under the childishly simple category. In the Clockwise settings, a wizard can be started to define an external Authentication provider and to realize the configuration on the ClockWise side. The next step consists of defining the Service provider on the IDP side. In our case we use MicroFocus Access Manager which meant that we only had to start a wizard there. It worked immediately. An interesting option that ClockWise has built-in is that per user type it is possible to let the user choose between providers.’’
Ortwin Verreck director Orangevalley tells
OrangeValley has been working with ClockWise for 10 years. The organization has won an FD Gazelle Award for the past 7 years in a row. The organization is growing strongly every year and during this growth period ClockWise has grown with it. Gradually there was also an increasing need for integration of Clockwise with other systems.
’’The first integration became a link with the accounting package. initially it was Unit4 and later a link with Twinfield was realized. The invoices are thereby created in ClockWise and also sent from Clockwise.
The invoice is also forwarded to Twinfield through a connection. In Twinfield a link has been made with the bank through which invoices are automatically matched as soon as a payment arrives.’’
‘‘To further speed up the process, a second integration has been realized with the sales system in which the quotations are created. This CRM system with quotation module is used to send a proposal to the customer. As soon as this proposal is returned signed and the order is placed on Closed Won, the order is automatically sent to ClockWise through an API call. Meanwhile this link has become so efficient that quotes that have been approved but are still waiting for a signed agreement will already be included in ClockWise in the status "in preparation", which means that the assignments can already be scheduled. As soon as the signature is set, the assignment is activated and the relevant consultants see which activities can be carried out.’’
‘‘In the third and final integration that was carried out by OrangeValley, a link was made with DataStudio in this environment, a dashboard is made for various managers, providing insight into the workload per team, the expected workload and various KPI dashboards to make ensure that the organization continues to work quickly and efficiently. The innovative nature of OrangeValley requires rapid adaptation. The three current integrations ensure that ClockWise is always up to date.’’