SSO, or Single Sign-On, is an authentication method that lets users log in to various apps and websites using just one credential. This makes for an easier experience for the user, improves productivity, and adds a security layer.
How SSO Works
Establishing a working relationship between an application and the identity provider is what allows for SSO and simplifies the way authentication and access control work.
Session Establishment: The identity provider then creates a session for the authenticated user.
Token Issuance: The identity provider sends a security token, such as a cookie or security assertion, to the user’s browser.
Presenting Applications: An SSO-enabled application sees the token presented by the user’s browser and validates the token by checking its signature and the token’s associated claims.
Benefits of SSO
Improved User Experience: Users can access different applications with only one set of credentials, which reduces frustration and improves productivity.
Enhanced Security: SSO can reduce password-related security risks by providing centralized authentication.
Enforced Password Policies: With SSO, you can enforce requirements such as password complexity and expiration.
Easier Management of Users: SSO is a centralized way to handle and track users and their accounts and all their permissions.
Lower IT Costs: The process of user provisioning and de-provisioning can be automated easily using SSO.
Common SSO Protocols
SAML (Security Assertion Markup Language): A standard for exchanging authentication and authorization information between different security domains.
OAuth 2.0: An authorization framework that allows users to let third-party apps access their data without sharing their password.
OpenID Connect: An authentication layer built on top of OAuth 2.0 with additional functionalities like user information and SSO.
Conclusion
SSO is now synonymous with modern enterprises.