Single Sign On (SSO)

Abimuktheeswaran Chidambaram
Jul 10, 2023

SSO is an authentication method in which users can authenticate to multiple applications and websites using one set of credentials. For example, a user who has a Microsoft account can access Microsoft products such as OneDrive, Outlook, Office, Windows Hotmail, Bing, etc.

How SSO Works

The certificate is exchanged between the service provider and the identity provider. This certificate is digital information about the user, such as their email ID, password, biometrics, etc. The service provider asks the identity provider to authenticate the user by verifying this digital information before the user can access the services. This digital information is called the SSO token. The identity provider authenticates the user using the token. It may be part of the service provider or a third-party identity provider.

Workflow of SSO
  1. The user wants to access a website or application (Gmail).
  2. The Service Provider provides the SSO token (digital information) to the identity provider to authenticate the user.
  3. If the authentication is successful, the identity provider informs that the credential is validated by the service provider.
  4. Finally, the user may access the application (Gmail). They may also access the service provider's other products (Drive, Photos, Maps, YouTube), if it has several, through one set of credentials.
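
The workflow above, sketched as an added example (not code from the original article): a toy identity provider checks the credentials once and issues a signed, expiring token that several services verify, following the issuing direction used by SSO protocols such as SAML and OpenID Connect. The HMAC key shared by both sides stands in for the certificate exchange, and every name and value below is a constructed assumption.

```python
import base64, hashlib, hmac, json, time

# Constructed demo values; a real deployment would use the IdP's signing certificate.
SHARED_KEY = b"demo-key-shared-by-idp-and-sp"
SALT = b"demo-salt"
TOKEN_TTL = 300  # seconds; a short lifetime limits exposure of an unattended session


def _kdf(password: str) -> str:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000).hex()


USERS = {"alice@example.com": _kdf("correct horse")}  # only the IdP stores credentials


def _sign(payload: bytes) -> str:
    return hmac.new(SHARED_KEY, payload, hashlib.sha256).hexdigest()


def idp_authenticate(email, password, audiences, now=None):
    """Identity provider: check the credentials once, then issue a signed token."""
    now = time.time() if now is None else now
    if not hmac.compare_digest(USERS.get(email, ""), _kdf(password)):
        return None
    claims = {"sub": email, "aud": sorted(audiences), "exp": now + TOKEN_TTL}
    payload = base64.urlsafe_b64encode(json.dumps(claims).encode())
    return payload.decode() + "." + _sign(payload)


def sp_verify(token, service, now=None):
    """Service provider: accept only if signature, audience and expiry all hold."""
    now = time.time() if now is None else now
    try:
        payload, signature = token.split(".")
        if not hmac.compare_digest(_sign(payload.encode()), signature):
            return None  # forged or altered token
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except (ValueError, TypeError, AttributeError):
        return None  # malformed token
    if service not in claims["aud"] or now >= claims["exp"]:
        return None  # token not issued for this service, or session expired
    return claims["sub"]


if __name__ == "__main__":
    token = idp_authenticate("alice@example.com", "correct horse", ["mail", "drive"])
    for service in ("mail", "drive", "photos"):
        print(service, "->", sp_verify(token, service))
```

The expiry check is what bounds the risk of a device left signed in: once `exp` passes, every service rejects the token and the user must authenticate again.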

Advantages of SSO

It reduces the number of times passwords have to be entered for each service. In terms of security, SSO works best with Multi-Factor Authentication. Storage of users' credentials in databases is reduced.

Disadvantages of SSO

It is difficult to remember the password when logging into an application if the application has several services. If a device is left without a proper sign-out, an unauthorized person may gain full access.

Last Updated: 07-Jan-2024
