SearchSupportDocsFree trial
Contact us

Knowledge Base

Knowledge BaseSafeNet Authentication Client software

How to Enable SafeNet Single Log-on for Document or Code Signing

Updated on June 2, 2026

Overview 

By the end of this article, you will have configured SafeNet Authentication Client to allow Single Sign-On (SSO, also shown as Single Logon in the SafeNet menus ) for Public-Key Cryptography Standards #11 (PKCS#11) document or code signing operations on Windows, so users enter their token password once per Windows session instead of for every signed file. The article covers the intended Audience, the applicability Scope, Prerequisites, a six-step procedure inside the SafeNet Authentication Client Tools window, and Important Considerations covering purpose, security trade-offs, and session duration. 

 
 

Scope 

Applies to SafeNet Authentication Client installed on Windows systems for PKCS#11-based signing operations. 

Prerequisites 

  • SafeNet Authentication Client installed on the Windows computer used for signing. 

  • A valid SafeNet hardware token and its associated credentials. 

  • Administrator access on the Windows computer to modify SafeNet client settings. 

 

Configure Single Sign-On 

Complete the following six steps inside the SafeNet Authentication Client Tools window to enable SSO for PKCS#11 signing:

 

Step 1- Open SafeNet Authentication Client Tools from the Start menu (Start > Program Files > SafeNet > SafeNet Authentication Client Tools), or by right-clicking the SafeNet icon in the Windows taskbar and selecting Tools.  

  
               

 

Step 2- In the SafeNet Authentication Client Tools window, click the gear icon in the top-right toolbar to switch to Advanced View.  

 

  

          

 

Step 3 - In Advanced View, select Client Settings in the left navigation pane. 

  
                           

 

Step 4 - In the Client Settings panel, click the Advanced tab. 

  
                       

 

Step 5 - On the Advanced tab, select the Enable Single Logon checkbox, set Automatic logoff after token inactivity (in minutes) to Never, and click Save.   

 

Step 6: Log off Windows and log back in, or restart the computer, so that the new Single Logon setting takes effect.  

Important Considerations 

  • Purpose: This feature is designed for users who perform batch signing — for example, signing many documents or binaries at once — without entering the token password for each individual file. 

  • Security risk: Enabling Single Logon reduces security because anyone with physical access to the logged-in computer can sign files without knowing the token password. Disable this feature for standard, non-batch signing. 

  • Session duration: Once enabled, SafeNet Authentication Client retains the token credentials for the duration of the Windows session and does not prompt again until the user logs off Windows or restarts the computer. 

Similar Questions 

  • How do I stop SafeNet from asking for my token password every time I sign a file? 

  • How do I enable Single Logon (Single Sign-On / SSO) in SafeNet Authentication Client? 

  • How can I batch-sign documents or code without re-entering my SafeNet token password? 

  • How do I configure SafeNet so I only enter my PKCS#11 token password once per Windows session? 

  • Where is the Enable Single Logon setting in SafeNet Authentication Client? 

 

Need assistance?

Contact our team for help with your purchase or issuing your certificate.

Live chat

Click the button below or click "Chat with an Expert" to start chatting with us now!

Start chat

Call us today

United States
+1 888 266 6361
France
+33 3 66 72 95 95
Italy
+39 02 4792 1708
Spain
+34 900 838 451
Germany
+49 800 1002328
International
+1 914 732 844

Resources