Security and Single Sign-On (SSO)

Data protection

Data in VXL Server is encrypted at rest and in transit, and hosted within the EU.

Data is only stored for as long as is necessary.

Vince does not share any Personal data with third-parties.

Single Sign-On (SSO)

In versions of VXL and VXL Server released after August 2022 we support SSO.

SSO means that your identity provider is configured in VXL Server and VXL as the source of truth for user identities and authentication.

If you use SSO, then your identity provider configuration determines if there is multi-factor authentication required, as well as the type of multi-factor authentication.

We strongly recommend configuring SSO as it simplifies the login experience for user and admin alike.

Compatible SSO Providers

We support any OIDC compliant identity provider, such as Microsoft 365, Google, Okta, Ping, Auth0, etc.

We do not support SAML 2.0 based SSO.

Detailed description on data flows

To help clarify some details in relation to various data flows, please see below.

Sign-in flow

Signing in using SSO from either a browser (for VXL Server access) or VXL client, follows the same procedure and is described below.

VXL Client to M3 on-prem

When the client communicates with M3, it does so within the on-prem network, either directly to M3 using a socket connection, or to Infor ION API Gateway using HTTPS.

Which TLS version is used by Infor ION API Gateway depends on customer’s configuration.

Communication with VXL Server server is done using HTTPS/TLS 1.2+

 

VXL Client to M3 cloud

When the client communicates with M3, it does so using HTTPS/TLS 1.2+ to Infor ION API Gateway.

Communication with VXL Server server is done using HTTPS/TLS 1.2+

 

SCIM

SCIM is currently not supported.

MFA

Multi factor authentication is possible in VXL Server and VXL, and is done via sending temporary codes to the registered user’s phone number.

We currently do not support app based temporary one-time passwords. We recommend using SSO instead.