Xoxoday Loyalife supports enterprise authentication standards including SSO, SAML 2.0, ADFS, Azure Active Directory, and OAuth 2.0, enabling seamless integration with your organisation’s existing identity and access management infrastructure.
Authentication Integration in Xoxoday Loyalife
Xoxoday Loyalife is built for enterprise environments where centralised identity management is non-negotiable. Rather than maintaining a separate credential store, Xoxoday Loyalife connects directly to the authentication providers your IT and security teams already govern — keeping access control consistent, auditable, and aligned with your existing policies.Supported Authentication Standards
Xoxoday Loyalife supports Single Sign-On (SSO) via SAML 2.0, allowing employees to access the loyalty platform using the same credentials they use for every other corporate application. This eliminates credential sprawl and reduces the risk of password-based breaches across your workforce. For organisations running Microsoft identity infrastructure, Xoxoday Loyalife integrates with Active Directory Federation Services (ADFS) and Azure Active Directory (Azure AD). This means your IT team can enforce conditional access policies, multi-factor authentication (MFA), and group-based provisioning directly from the Azure AD admin console — no duplication of effort required.OAuth 2.0 and Keycloak Compatibility
Xoxoday Loyalife is compatible with OAuth 2.0 identity providers, including open-source IAM solutions built on Keycloak. Organisations that have deployed Keycloak as a centralised identity broker — whether on-premises or in a private cloud — can federate authentication to Xoxoday Loyalife without architectural changes to their existing IAM layer. This is particularly valuable for enterprises that aggregate multiple upstream identity sources (LDAP directories, social providers, or legacy systems) behind a single Keycloak realm. Xoxoday Loyalife connects as a client application within that realm, inheriting all session management, token validation, and access policies already configured.Why This Matters for Enterprise IT Teams
When a new employee joins or a user leaves the organisation, their access to Xoxoday Loyalife is automatically governed by the same lifecycle workflows in your HR and IAM systems — whether that is Workday, SAP SuccessFactors, or Darwinbox triggering provisioning events. There is no manual onboarding or offboarding step specific to the loyalty platform. For security and compliance teams working toward certifications such as ISO 27001 or SOC 2 Type II, centralised authentication provides the access control evidence required for audits. Every login to Xoxoday Loyalife is authenticated through your governed identity provider, creating a unified and reviewable audit trail. Xoxoday Loyalife’s authentication integrations are configured at the enterprise level, with support provided during implementation to align token scopes, redirect URIs, and session timeouts with your organisation’s security baseline. Learn more: Xoxoday Loyalife Help Centre — SecurityRole-Based Access Control
Learn how Xoxoday Loyalife uses role and permission models to restrict access to sensitive programme data and admin functions.
Data Encryption and Compliance
Understand how Xoxoday Loyalife protects data at rest and in transit, and what compliance certifications the platform maintains.