ESI JDE SSO
Your best SSO choice for JDE
ESI JDE SSO combines confidence and convenience.
First Production implementation of ESI JDE SSO went live in 2009. Today, it's a mature, robust, highly flexible and feature-rich product. It's affordable and unobtrusive, the most prevalent SSO solution for JDE, favored by some of the most significant JDE sites worldwide. It installs in under 2h with our complimentary services and support. And then it simply serves you, securing, streamlining and strengthening your business.
Full support for ADFS, Azure, Okta, Auth0, Duo, Oracle Identity Cloud & GSuite with OAUTH2.0 / SAML / JWT, as well as built-in per-user selective TOTP 2FA.
Current version: 11.2
Oracle® Validated Integration for JD Edwards® EnterpriseOne® 9.1 and 9.2, including 9.2 in x64 bit
- Product Brief
- More Details
- System Requirements
- Licensing
- It is much easier to setup than any other, typically in ~2h;
- It's rather non-intrusive - it requires no changes to JDE configuration;
- It can be implemented incrementally, adding a few users at a time in batches as convenient, it is a lot easier than the standard JDE "all or none" LDAP integration;
- Consequently, there's no need for any additional consulting expenses to either set it up or to use it and our installation support is free;
- The JDE sign-on becomes smooth and absolutely prompt-less with our approach (although it can be configured to prompt the users for their Windows sign-on, if desired);
- It is pleasantly flexible, allowing access to multiple Environments and/or Roles with additional prompts, plus the full SSO support for the approval links in standard JDE Workflow messages;
- Through Parameterized URL's, this solution offers instant prompt-less access to specific applications through desktop shortcuts, so the user reliance on JDE menus or E1 Pages can be reduced or completely eliminated;
- Full support for Parameterized URL's also means that the users can create shortcuts pointing to specific applications - this is even more convenient to use than E1 Pages, let alone Menus/Tasks;
- Needless to say, there is no 10-char password limit for Windows accounts, nor a single-Domain limit for the users: it will support multiple AD domains and multiple AD forests and will even work for external non-Domain users;
- Importantly, this solution also supports multiple JDE accounts per user;
- And no less importantly, we support all JDE releases from XE (!!!) upwards, including multiple JDE systems concurrently;
- Many 3rd-party integrations are available: Reports Now, K-Rise, Cantara, RFGen, Okta to name just a few and more are possible if needed.
- External IdP integration would of course offer multiple additional Enterprise-wide authentication options, including 2 factor / multi-factor authentication.
- Highly secure prompt-less SSO is possible for non-Domain, external and mobile users with minimal configuration.
- Cloud SSO can be set up in a variety of ways for Amazon, Azure, Oracle, Duo, Auth0, Okta, etc. IdP's.
- We support JWT authentication into JDE, introduced by Oracle in TR925. This option can take passwords out of the picture entirely.
- Of course, this SSO solution will also save a lot of time to both the users and the IT support, since there's no longer any need to manually maintain JDE passwords.
Please e-mail us if you would like to trial this solution in your environment and we will supply you with the software, assistance and a limited trial license at no cost.
With this SSO solution, the authentication is effectively delegated to Active Directory and all JDE aspects of it are effectively removed from the picture, now silently managed by our SSO software in the background. And all of this happens without the complexity of setting it all up within JDE, while delivering some serious additional benefits which are not available with the standard JDE LDAP integration. Yet, despite the fact that it's not at all identical to JDE LDAP integration, it is still an LDAP integration, just a different kind. A much friendlier kind. And with much more power and flexibility.
This is a 6-in-1 solution. It concurrently resolves SIX SEPARATE issues in JDE:
- It implements JDE Single Signon WITHOUT configuring JDE for either LDAP or Oracle SSO, in fact without any special configuration in JDE at all - this will save you a lot of time and pain!
- When signing in into the JDE WEB or Fat client, this solution ELIMINATES THE JDE PASSWORD PROMPT entirely, relying on Windows authentication to seamlessly authenticate the users - this will save your users time and make their JDE experience better! (In some cross-forest scenarios and for external users, there will still be a log-in promptfor the AD credentials.)
- The standard JDE approach requires Windows User Names to be identical to those of JDE Users + imposes the 10-char restriction on the password length. While this SSO solution ELIMINATES THESE REQUIREMENTS, your Windows User Names and Passwords can be as long, or indeed as different from JDE's as desired. This will give you the flexibility most sites need! The mapping of Windows Users to JDE Users is handled by this software and the process is also simple and easy.
- All standard approaches limit the users to a single JDE account per Windows account, while our solution allows any Windows account to be associated with multiple JDE accounts.
- Moreover, this solution practically ELIMINATES PASSWORD MANAGEMENT in JDE, by entirely concealing the JDE passwords and effectively replacing the manual JDE signon with an automated process - this will reduce your support costs and again, save time to your users! And because JDE passwords are now out of the picture, there are no restrictions on the users' password length.
- And to top it all, this solution will at the same time LOAD-BALANCE the JDE WEB Servers - it's just a nice extra feature we could include in this solution at no extra cost! In fact, the unlicensed users of this software can also enjoy this feature, so this solution can be used as a single entry point into JDE for both licensed and unlicensed users.
The installation is simple and easy, administration is streamlined and intuitive. If you ever used our software, you would know that our solutions are extremely easy to work with, nothing like you've ever seen before. If you are trying to compare the necessary implementation efforts with the JDE LDAP authentication implementation requirements, it will likely take 10-50 times less effort with this solution. This solution can deliver massive savings, it would typically pay itself off within a few months.
Moreover, these two separate products - this SSO and the USM (ESI JDE User Self Management) can be integrated together: the passwords reset with this USM software can be valid for the SSO software as well, with just a single integration setting in the INI file. And the bundle of these two solutions also comes with a built-in discount. Please, e-mail us for more details about this integration.
Nothing can be easier!
This solution can be implemented in hours. Installation support is free. All JDE releases from XE and up are supported for WEB, Portal and Fat Clients (including Citrix). As far as the JDE backend and WEB platforms are concerned, this solution is independent of either one (provided that it is OW/E1 and not World and bearing in mind that it does need an IIS server somewhere in your network to run on). Nothing needs to be installed on the clients in order to use this solution (except in some special cases for advanced functionality), so all and any client platform and browser are supported, including Linux, WTS, etc. Please note, that IIS running the core SSO module and the SSO Manager - the two components of this solution, can both be installed in a single VM and this VM can even be running some old OS like Windows 2003 to save on the license costs.
Please, e-mail us for more details or to request a Trial (full functionality, with time and user count limited). The Installation Guide included with the trial provides all the technical details.
Here's a simplified process diagram, illustrating the main steps and components of the process:
Single-Domain installations are, of course, very straight-forward in terms of their design: everything will be installed in the same single Domain. With multi-Domain or multi-Forest installations, we will discuss the available options to help you decide which AD configuration will suit you best: the core SSO server(s) can be installed in a single central location, or in multiple locations, depending on how you would like the users and the licenses managed.
You will typically need to stand up a new Windows Server VM (preferably 2008+) with 2 CPU threads (1 hyperthreaded core), 2-4GB RAM and ~30GB free disk space (after all OS Updates, Paging file, etc.) This should be sufficient for up to low thousands of users, but may need to be doubled for high thousands of users. This server could be shared, or the installation may be completely server-less in some scenarios.
JDE Releases: XE (B7333), ERP8 (B7334), B9 (E1 8.9), E810, E811 (including E811 SP1), E812, E900, E910 (OVI), E920 (OVI).
JDE Backend Hardware Platforms: hardware-independent - all platforms supported by JDE are supported.
JDE Backend Database Platforms: DB-independent - all platforms supported by JDE are supported.
Client Machine Software Requirements: none, but different browsers may place different restrictions on the available functionality and the sign-on prompt.
Client Machine Hardware Requirements: has no requirements above those of the browser.
The optional Yearly Update/Upgrade Subscription is available at the time of purchase (not available separately) for an additional yearly fee. It is payable in advance per license, per year. It includes premium support and all software updates released during the paid period. Its cost is calculated as 20% of the product's list price at the time of invoicing, as may change from time to time. Unless the software is purchased for a single use application, we generally recommend to opt in for this Subscription: any future JDE Tools Releases and Releases/Updates may require an updated version of this solution and it's generally more cost-efficient compared to one-off Upgrades.