S
SSO (Single Sign-On)
An authentication method allowing users to access multiple applications with one set of credentials through a single login session.
What is SSO?
Single Sign-On (SSO) is an authentication method that enables users to access multiple independent applications using one set of credentials. After initial authentication, users can access all connected systems without re-entering credentials.
How SSO Works
- User attempts to access an application
- Application redirects to SSO identity provider
- User authenticates once with the identity provider
- Identity provider issues authentication token
- Token grants access to all connected applications
- Session remains valid across applications
SSO Protocols
- SAML 2.0: XML-based, enterprise standard
- OAuth 2.0: Authorization framework
- OpenID Connect: Identity layer on OAuth 2.0
- Kerberos: Network authentication protocol
- LDAP: Directory-based authentication
Benefits
- User Experience: One password to remember, faster access
- Security: Stronger passwords, centralized MFA
- IT Efficiency: Simplified user management, reduced help desk calls
- Compliance: Centralized access logging and control
SSO Considerations
- Single point of failure risk
- Initial implementation complexity
- Need for strong primary authentication
- Application compatibility requirements
- Session management across applications