“Ticket.. Ticket.. “, I still remember my student days where city bus ticket collector in the bus used to approach me to make me buy a ticket when I was commuting to my college on road from home. Then, I used to confidently show “my bus Pass - monthly city bus pass season ticket issued to student”. The ticket collector used to grant me my travel in the bus without further validating “whether I am student or not?”. The bus collector used to trust the token id (i.e. bus pass) and used to grant access to me in the bus. Simply put, ticket collector used to pass through me by seeing my bus pass without wasting any further time. What all I needed to do was to purchase my monthly bus ticket ONLY once in a month by submitting my student identity card (issued by my college) and by paying subsidized fee to the road authorities for a given month at their office. Those were sweet memory days where I used to pass through any city bus of my choice with my buss pass. On similar lines, Single Sign On (SSO) concept was developed in software engineering. SSO login refers to when a user logs in to an application with a single set of credentials and is then automatically signed into multiple applications within it's suite.
Single Sign on (SSO) refers to an identification system that allows websites to use other trusted sites to verify users. Let me explain a bit further here. Let us suppose that you just landed in New York Airport by flight from India. The immigration authorities does not want you to prove your identity personally to them. Instead, they trust the passport issued by trusted third party (for example, the passport issued by Government of India) and trust your identity.
Likewise, with SSO, your website does not make me prove my identify by checking with itself. Instead, it asks trusted SSO solutions like LinkedIn or Microsoft passport services or Google if they can verify my identity. If they verify, then the website takes their word and authenticates me further in their web pages.
What is SSO: Thus, Single Sign On (SSO) login refers to when a user logs in to an application with a single set of credentials and is then automatically signed into multiple applications. A very popular example of SSO login is Google's implementation for their software products. That is if you are logged on to your google account (http://accounts.google.com), you are automatically logged on to their suite of applications like Google Search, Google Maps, YouTube, Google Play, News, Gmail, Contacts, Drive, Calendar, Translate, Photos, Shopping, Docs, Books, Blogger, Duo, Hangouts, Earth etc.
How SSO works:
1. User requests access to Google suites of applications
2. If the user is not logged in, request comes in to logon to SSO solution
3. User logs in to SSO with login and password
4. SSO solution will authenticate the user and provide cockie or token ID
5. Using that successful login authentication and the token id passed on by the SSO solution, the user will now access any of the google suite of applications
6. Google suite of applications will now trust the token id provided or session cockie and grants the access
1. User requests access to Google suites of applications
2. If the user is not logged in, request comes in to logon to SSO solution
3. User logs in to SSO with login and password
4. SSO solution will authenticate the user and provide cockie or token ID
5. Using that successful login authentication and the token id passed on by the SSO solution, the user will now access any of the google suite of applications
6. Google suite of applications will now trust the token id provided or session cockie and grants the access
Key benefits of SSO login:
1. Eliminate the time spent re-entering user credentials, thus improving productivity for users and increasing conversion rates for product owners, which means your internal employees and your external users don't have to go through the hassle of maintaining and remembering yet another set of credentials.
2. Eliminate password fatigue from having to store or remember different usernames and passwords.
3. Reduce complaints about password problems, thus reducing the costs associated with setting up several helpdesk systems for password-reset issues, invalid credentials, etc.
4. Minimize phishing, thus improving security.
5. Streamlines the local, desktop, and remote application workflows, thus improving users' productive capacity.
1. Eliminate the time spent re-entering user credentials, thus improving productivity for users and increasing conversion rates for product owners, which means your internal employees and your external users don't have to go through the hassle of maintaining and remembering yet another set of credentials.
2. Eliminate password fatigue from having to store or remember different usernames and passwords.
3. Reduce complaints about password problems, thus reducing the costs associated with setting up several helpdesk systems for password-reset issues, invalid credentials, etc.
4. Minimize phishing, thus improving security.
5. Streamlines the local, desktop, and remote application workflows, thus improving users' productive capacity.