Single Sign-On (SSO)

Single Sign-On (SSO) is an authentication method that enables a user to log in with a single identity to any of several related, yet independent, applications and databases. Or in other words: log in once and access services without answering authentication challenges.

 

Single Sign-On (SSO)

FAQs

  • Where is SSO used?

    Single Sign-On (SSO) authentication systems are mostly deployed in enterprise environments where employees need access to several applications/websites of their organization.

    Just-in-time access permission management

  • Is SSO related to Active Directory?

    AD and SSO are quite distinct. One is the authoritative source of identities, otherwise known as an on-prem directory service, while the other is a cloud-based service. The latter uses a web app identity extension point solution to merge identities from a core directory to web applications.

  • Is SSO a security risk?

    Like any access, SSO also has implied security loopholes. Fortunately, implementing additional controls, such as multi-factor authentication (MFA) and session management, can minimize the associated risks. However, you must accurately identify the dangers associated with SSO to find and implement a highly secured protocol.

  • How do I test SSO login?

    You must test SSO to detect configuration problems. For this:
    – Navigate to the user page and open the SSO configuration tab
    – Click test on the “test your SSO” Section.

  • Is SSO considered 2FA?

    SSO simply allows users to access their resources with a single authentication procedure. In contrast, a two-factor authentication deploys two verification methods to authorize login attempts, whereas MFA utilizes two or more methods.

  • Why is SSO not secure?

    SSO has both adverse and favorable consequences. Accessing multiple platforms with a single set of credentials is indeed convenient, but from a security point of view, it can be a matter of concern. If a hacker gains access to the credentials, the security of all the associated accounts will be compromised.