Single Sign-On (SSO) l What Is It?

Single sign-on allows the user to be automatically authenticated by multiple applications, resources or websites with a single authentication. When the user connects to one of these resources, the authentication step having already been validated, the system gives the user direct access.

The interest is in particular to free the user from the managing  multiple passwords, and to apply much more robust security policies (increased password complexity level, regular password rotation).

Within a corporate network or for mobile employees, single and universal authentication solutions exist that allow access to web applications but also to business applications. These solutions do not require applications to be compatible with specific protocols and adapt to the different cases that organizations may encounter.

There are also identity federation mechanisms that enable single sign-on beyond the organizations themselves. These mechanisms require making different applications compatible with different protocols (SAML) or different federation systems (Shibboleth).