SSO

SSO

November 16, 2023 | permanent

tags
Security

Summary #

  • SSO is an Authentication method or service. It enables users to utilize one set of login credentials or claims for accessing multiple resources, applications, tools, or platforms.
  • SSO is a type of authentication that makes user identity management easier across various applications.
  • It provides users with a seamless experience, reducing the stress of continuously re-entering passwords and usernames/emails while aiding productivity.

What it is? #

Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials.

The concept of a centralized or linked electronic identity is known as federated identity. Federated identity systems handle several concerns:

  • Authentication The authentication aspect deals with validating user credentials and establishing the identity of the user.

  • Authorization is related to access restrictions (e.g., is the user allowed to access X resource?).

  • User attributes exchange aspect deals with data sharing across different user management systems. For instance, fields such as “real name” may be present in multiple systems. A federated identity system prevents data duplication by linking the related attributes.

  • User management

Glossary #

IdP #

Service Provider #

SAML #

Sends the user’s identity from one place (IdP) to the requesting service provider (Decisions) through an exchange of digitally signed XML documents

IdP (signed XML) -> SP

OAuth2 #

A protocol used to provide client applications with “secure delegated access.”

OpenID #

Simple identity layer, for authentication, built on top of OAuth 2.0

Links to this note

Calendar November 20, 2023

Go to random page

Previous Next