SSO - Single Sign-On


Passwords are a mess!
Especially when you need to remember that one password you used on a particular website 😥

But no worries, SSO will hold your hand and help you surf this digital ocean effortlessly 😎

But what is SSO?
Single Sign-On (SSO) is an authentication process.

Users can access multiple applications or websites using a single set of login credentials.

There are 3 main components:

1. Identity Provider (IdP)

- Authenticates user identities and provides tokens to prove their identities to others.
- When a user tries to access a service, the service redirects the user to the IdP.
- The IdP asks the user to log in and validates the credentials.
- Once validated, it sends a token back to the service provider.

2. Service Provider (SP)

- Provides the end service (like a dashboard, tool, or app) the user wants to use.
- When a user tries to access the service, the SP receives a token from the IdP.
- The SP validates the token and grants access to the service.

3. Identity Broker

- Sits between the IdP and multiple SPs to translate the authentication credentials.
- It is helpful in scenarios where multiple IdPs or SPs use different standards.
- The Identity Broker receives the token from the IdP and translates it into a format that the SP can understand, or vice versa.

The Workflow

- Initial Request: The user accesses one of the service providers for the first time. This service provider redirects the user to the Identity Provider (IdP).
- Authentication: The IdP prompts the user for credentials. After verifying them, the IdP generates a token.
- Token Issued: The IdP sends this token back. The service provider validates the token and grants the user access to the service.
- Next Access: The system reuses the same token or session when the user attempts to access another service within the SSO scope. This way, the user doesn't have to log in again.
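
The workflow above as a small runnable sketch (an added example, not code from the original post). It models the session-reuse variant: the user logs in once at the IdP, which then issues a separate short-lived token per service, and each SP checks signature, audience and expiry. The `IdP` class, `sp_validate`, the claim names and the shared HMAC key standing in for the IdP's signature are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key: in this sketch the IdP and every SP share it.
IDP_KEY = b"constructed-demo-key"

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def _sign(payload: str) -> str:
    return _b64(hmac.new(IDP_KEY, payload.encode(), hashlib.sha256).digest())

class IdP:
    """Authenticates the user once, then issues one token per service."""
    def __init__(self, users):
        self.users = users      # username -> password, constructed sample data
        self.sessions = set()   # users who already hold an IdP session

    def login(self, user, password):
        stored = self.users.get(user)
        ok = stored is not None and hmac.compare_digest(
            stored.encode(), password.encode())
        if ok:
            self.sessions.add(user)
        return ok

    def issue_token(self, user, audience, ttl=300, now=None):
        if user not in self.sessions:
            raise PermissionError("no IdP session: user must log in first")
        now = time.time() if now is None else now
        # The token is bound to one SP (aud) and expires after ttl seconds.
        claims = {"sub": user, "aud": audience, "exp": now + ttl}
        payload = _b64(json.dumps(claims, sort_keys=True).encode())
        return payload + "." + _sign(payload)

def sp_validate(token, audience, now=None):
    """SP side: verify signature, then audience, then expiry."""
    try:
        payload, sig = token.split(".")
        if not hmac.compare_digest(sig.encode(), _sign(payload).encode()):
            return None         # forged or altered token
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except ValueError:
        return None             # malformed token
    now = time.time() if now is None else now
    if claims.get("aud") != audience or claims.get("exp", 0) <= now:
        return None             # issued for another SP, or expired
    return claims.get("sub")    # authenticated username
```

Because each token names its audience, a token captured at one service is rejected by the others; the IdP session and the signing key remain the single point whose compromise affects every service.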

Pros

- Easier for users.
- Centralizes account management.
- Reduces password fatigue.

Cons

- If the IdP is compromised, multiple services are at risk.
- Complexity in setup and maintenance.

SSO sounds simple, but the reality is different.

Feel free to add anything I missed 😊🌱
