OAuth / SSO
What is OAuth / Single Sign-On?
Single Sign-On (SSO) lets your users log in to eCourtDate using the same credentials they already use for other work systems (such as their Microsoft or Google account) — no separate password to create or remember. OAuth 2.0 is the industry-standard protocol that makes this work securely behind the scenes.
Why do courts want this? SSO means fewer passwords for staff to manage, centralized control for IT administrators (disable one account and access is revoked everywhere), and stronger security through your organization's existing Multi-Factor Authentication (MFA) policies.
Overview
eCourtDate supports OAuth 2.0 and OpenID Connect (OIDC) for Single Sign-On (SSO) integration, providing a secure, standards-based authentication mechanism for your organization.
Why OAuth 2.0 / OIDC Over Traditional SSO
OAuth 2.0 and OpenID Connect offer significant advantages over legacy SSO approaches:
- Standardized protocol -- broadly adopted across government and enterprise identity providers
- Token-based authentication -- no password sharing between systems
- Granular scopes -- request only the permissions your integration requires
- MFA support -- Multi-Factor Authentication is enforced at the Identity Provider level, including PIV/CAC smart card compatibility
As referenced in CISA guidance:
"Open ID Connect, OAuth 2.0, Kerberos, and SAML 2.0 are examples of protocols that use secure, non-password-based connections for SSO."
Console
Identity Provider (IDP) profiles are managed from the eCourtDate Console:
https://console.ecourtdate.com/idps
Prerequisites
Before configuring OAuth / SSO, ensure you have the following:
- Administrator access to the eCourtDate Console
- At least one assigned agency in your eCourtDate account
- Administrator-level access to an OAuth 2.0-compliant Identity Provider
- A test environment is recommended before deploying to production
- Each IDP profile is limited to a single region
Supported Providers
eCourtDate works with any OAuth 2.0 / OIDC-compliant Identity Provider. The following providers have been validated and have dedicated configuration guides:
| Provider | Notes |
|---|---|
| Azure Active Directory | Microsoft Entra ID; widely used in government |
| Google Workspace | Google Cloud Identity |
| AWS Cognito | Supports GovCloud regions |
| Okta | OIDC - OpenID Connect Web Application |
| Custom OIDC Provider | Any provider supporting OAuth 2.0 Authorization Code flow and OIDC 1.0 |
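A pre-flight check for the "Custom OIDC Provider" row above, as an added example that is not eCourtDate's own code: it inspects an Identity Provider's OIDC discovery metadata for Authorization Code flow and OIDC support before an IDP profile is created. The field names come from OpenID Connect Discovery 1.0; the sample document, the `idp.example.gov` host and the exact set of checks are assumptions made for illustration.

```python
import json
from urllib.parse import urlparse

# Constructed sample of an IdP's /.well-known/openid-configuration document.
# idp.example.gov is a placeholder, not a real eCourtDate or provider endpoint.
SAMPLE_DISCOVERY = json.loads("""
{
  "issuer": "https://idp.example.gov/realms/court",
  "authorization_endpoint": "https://idp.example.gov/realms/court/authorize",
  "token_endpoint": "https://idp.example.gov/realms/court/token",
  "jwks_uri": "https://idp.example.gov/realms/court/keys",
  "response_types_supported": ["code", "id_token"],
  "grant_types_supported": ["authorization_code", "refresh_token"],
  "scopes_supported": ["openid", "profile", "email"],
  "id_token_signing_alg_values_supported": ["RS256"]
}
""")

HTTPS_FIELDS = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri")


def check_discovery(doc):
    """Return a list of problems; an empty list means the metadata passes."""
    problems = []
    for field in HTTPS_FIELDS:
        url = urlparse(str(doc.get(field, "")))
        if url.scheme != "https" or not url.netloc:
            problems.append(f"{field}: missing or not an https URL")
    # Authorization Code flow: response_type=code must be offered.
    if "code" not in doc.get("response_types_supported", []):
        problems.append("response_types_supported lacks 'code'")
    # Optional field; the spec default when absent includes authorization_code.
    grants = doc.get("grant_types_supported", ["authorization_code", "implicit"])
    if "authorization_code" not in grants:
        problems.append("grant_types_supported lacks 'authorization_code'")
    # OIDC: the openid scope, when scopes are listed at all.
    scopes = doc.get("scopes_supported")
    if scopes is not None and "openid" not in scopes:
        problems.append("scopes_supported lacks 'openid'")
    # ID tokens must be signed; 'none' as the only algorithm is not acceptable.
    algs = set(doc.get("id_token_signing_alg_values_supported", [])) - {"none"}
    if not algs:
        problems.append("no signed ID token algorithm advertised")
    return problems

if __name__ == "__main__":
    for line in check_discovery(SAMPLE_DISCOVERY) or ["metadata looks compatible"]:
        print(line)
```
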
FedRAMP-Authorized Providers
For organizations requiring FedRAMP compliance, the following providers are FedRAMP-authorized and compatible with eCourtDate:
| Provider | Highlights |
|---|---|
| Ping Identity | FIDO2 support |
| ForgeRock | Government sector focus; on-premises option available |
| Oracle Identity Cloud Service | Enterprise-grade cloud identity |
| OneLogin | FedRAMP Ready |
| Keycloak | Open-source; on-premises deployable |