How does single sign-on work?




How does single sign-on work?

What is single sign-on?

Single sign-on (SSO) is system that enables users to securely authenticate with multiple applications and websites by logging in only once—with just one set of credentials (username and password). With SSO, the application or website that the user is trying to access relies on a trusted third party to verify that users are who they say they are.

How does authentication work without SSO?

Without single sign-on, each website maintains its own database of users and their credentials. This is what happens when you try to log in to an app or website:

  • The website first checks to see whether you’ve already been authenticated. If you have, it gives you access to the site.
  • If you haven’t, it asks you to log in and it checks your username and password against the information in its user database.
  • After login, the site passes authentication verification data as you move through the site to verify that you are authenticated each time you go to a new page.
  • The authentication verification data is usually passed as either cookies with session data or as tokens, which don’t track the session and are faster to process.

    Also Read:- How Can Modern Technology Help In The Marketing Business?

    How does SSO work?

    Authentication with SSO relies on a trust relationship between domains (websites). With single sign-on, this is what happens when you try to log in to an app or website:

    1. The website first checks to see whether you’ve already been authenticated by the SSO solution, in which case it gives you access to the site.
    2. If you haven’t, it sends you to the SSO solution to log in.
    3. You enter the single username/password that you use for corporate access.
    4. The SSO solution requests authentication from the identity provider or authentication system that your company uses. It verifies your identity and notifies the SSO solution.
    5. The SSO solution passes authentication data to the website and returns you to that site.
    6. After login, the site passes authentication verification data with you as you move through the site to verify that you are authenticated each time you go to a new page.

    In SSO, authentication verification data takes the form of tokens.

    The website redirects the user to the SSO website to log in. The user logs in with a single username and password.

    Also Read:- Artificial Intelligence And Our Economic And Technology Singularity

    The SSO website verifies the user’s identity with an identity provider, such as Active Directory.

    When the user tries to access a different website, the new website checks with the SSO solution. Since the user has been authenticated, it verifies the user’s identity to the new website without requiring an additional login.

    What makes a true SSO system?

    It’s important to understand the difference between single sign-on, and password vaulting, which is sometime referred to as SSO. With password vaulting, you may have the same username and password, but you have to enter it each time you move to a different application or website.

    With SSO, after you’re logged in via the SSO solution, you can access all company-approved applications and websites without having to log in again. That includes cloud and on-prem applications which are often available through an SSO portal (also called a login portal). SSO uses a concept called federation to provide federated SSO.

    What is federated SSO?

    SSO solutions that use federation enable true single sign-on by taking advantage of the organization’s identity provider (IP), such as Microsoft Active Directory (AD) or Azure Active Directory (Azure AD). The identity provider usually acts as the authentication server and stores the user’s identity and information, such as the username, password, domains the user has access to, and even which activities the user is allowed to do on each site or within each app. (Verifying the activities that the user is allowed to do is called authorization. For example, a user may have access to Salesforce reports but may not be permitted to edit customer records.)

    For true SSO, either the SSO solution is built into the identity provider or the SSO solution uses one or more identity providers to authenticate the user.

    Authentication requests and information are passed using standard, secure protocols, such as SAML or OAuth. The websites requesting authentication have a trust relationship with the SSO solution, and trust relationships exist between the SSO solution and the identity providers. A trust relationship means that one domain trusts another’s information about user identities, devices, and access privileges.

     



Author Biography.

CrowdforThink
CrowdforThink

CrowdforThink is the leading Indian media platform, known for its end-to-end coverage of the Indian startups through news, reports, technology and inspiring stories of startup founders, entrepreneurs, investors, influencers and analysis of the startup eco-system, mobile app developers and more dedicated to promote the startup ecosystem.

Join Our Newsletter.

Subscribe to CrowdforThink newsletter to get daily update directly deliver into your inbox.

CrowdforJobs is an advanced hiring platform based on artificial intelligence, enabling recruiters to hire top talent effortlessly.

CrowdforJobs

CrowdforApps brings to you the well researched list of the most successful and finest App development companies, Web software developers.

CrowdforApps

CrowdforGeeks is where lifelong learners come to learn the skills they need, to land the jobs they want, to build the lives they deserve.

CrowdforGeeks

CrowdforThink is a leading Indian media and information platform, known for its end-to-end coverage of the Indian startup ecosystem.

CrowdforThink
CFT

News & Blogs

804dec9f5980f2c476982892aa2c0ca2.jpg

Managing Your PDF Files: 3 Best Converters That...

Managing their PDFs is a hard task for many people, especially if you don’t have any idea w...

cdd74198fec958a5c631a70b4136322c.jpg

PDF Files: 3 Best PDF Converters to Handle Your...

PDF Files: 3 Best PDF Converters to Handle Your PDFs Computers are an essential part of our dail...

575283677d87d290da640ba5e7a20dc0.jpg

3 Reliable and Secure PDF Converters to Convert...

It’s undeniable that computers play an important in many people’s lives. Computers ar...

Top Authors

Hey, I am Suraj - a full-time blogger and a social media expert currently working on the Growth H...

Suraj Kumar

With good communication and writing skiils, Astha Sharma is a full-time content writer working wi...

Astha Sharma

Overall 3+ years of experience as a Full Stack Developer with a demonstrated history of working i...

Lokesh Gupta

Aditya Sehgal is a recognised financial adviser, tech and gadget writer and blogger. Still he has...

Aditya Sehgal
CFT

Our Client Says

WhatsApp Chat with Our Support Team