What is SSO?
Literally, it allows users to access multiple applications with one set of login credentials.
The most common standards are Security Assertion Markup Language (SAML) 2.0 and OpenID Connect/OAuth 2.0. These standards are like common "languages" for authentication tokens.
How does SSO work?
3 parties are involved:
- Service Provider
- Identity Provider
- User
Basically, when a user signs into an SSO service, the service creates an authentication token that verifies the user's identity. This token is a piece of digital data stored in the user's web browser or on the SSO service's servers. When a user attempts to access an application, the application checks with the SSO service, which passes the authentication token to the app. If the token is valid, the user is allowed to access the app. If not, the user is prompted to sign in through the SSO service.
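The flow above as a small added example (not from the original page, and not SAML or OpenID Connect themselves). It assumes that a "valid" token means an intact signature, an unexpired lifetime and the right target application; the shared HMAC key stands in for the Identity Provider's signature, and all function names are hypothetical.

```python
import base64, hashlib, hmac, json, time

IDP_KEY = b"constructed-demo-key"  # assumption: constructed key known to IdP and SPs

def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def sign(body: str) -> str:
    return b64(hmac.new(IDP_KEY, body.encode(), hashlib.sha256).digest())

def idp_issue_token(user: str, audience: str, ttl: int = 300, now=None) -> str:
    """Identity Provider: after the user signs in, issue a signed token."""
    now = int(time.time()) if now is None else now
    claims = {"sub": user, "aud": audience, "exp": now + ttl}
    body = b64(json.dumps(claims, sort_keys=True).encode())
    return f"{body}.{sign(body)}"

def sp_check_token(token, app: str, now=None):
    """Service Provider: return the user name, or None if the token is invalid."""
    now = int(time.time()) if now is None else now
    try:
        body, sig = token.split(".")
        # Verify the signature before trusting anything inside the token.
        if not hmac.compare_digest(sig, sign(body)):
            return None  # forged or tampered
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (AttributeError, TypeError, ValueError):
        return None  # missing or malformed token
    if claims.get("aud") != app or claims.get("exp", 0) <= now:
        return None  # issued for another app, or expired
    return claims.get("sub")

def sp_handle_request(token, app: str, now=None) -> str:
    """Valid token: grant access. Otherwise: send the user to the SSO login."""
    user = sp_check_token(token, app, now)
    return f"200 welcome {user}" if user else "302 redirect to SSO login"

if __name__ == "__main__":
    t = idp_issue_token("alice", "wiki")
    print(sp_handle_request(t, "wiki"))
    print(sp_handle_request(None, "wiki"))
```

Real deployments sign with the Identity Provider's private key, so a Service Provider can verify tokens but cannot mint them.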