Hello Friends,

In this series, We will be discussing about single sign on(SSO) and Types of SSO  and We will discuss about underlying architecture.

Single Sign on(SSO):

Single Sign On (SSO) is a process that allow a user to access multiple services by logging in or  authenticate only once. This involves authentication into all services the user has given permission to, after logging into a Identity provider(Ex: ADFS).

The basic process of SSO is as follows:

1. The first step is logging into the main service(Ex, Idp) 
2. The user requests access to a protected SP(Salesforce, ServiceNow, etc) resource 
3. Idp  verifies user authorization with the help of attributes from the user data store
4. Based on that Idp generate SAML response containing the authentication assertion and any additional attributes
5. Based on SAML response, Idp will redirect you to the protected service provider

A good example of the use of SSO is in Google’s services. You need only be signed in to one primary Google account to access different services like YouTube, Gmail, Google+, Google Analytics, and more.

Advantages of SSO:

1. No need to manage large numbers of passwords. 
2. A simpler sign-up and login process, which can also be good for conversions. 
3. Reduced exposure to the risks of data loss. Users already trust the identity provider 
4. etc 
   In next post we will discuss in detail about SAML, Idp, SP, stc. Stay tune