What is SSO?

Single Sign-On (SSO) Explained

Single Sign-On (SSO) is an authentication method that allows users to log in once and access multiple applications without having to log in again.

Real-World Example

Think about your experience with Google services:

  1. You log into Gmail with your Google account

  2. You can then access YouTube, Google Drive, Google Photos without entering your password again

  3. All these services recognize that you're already authenticated

This is SSO in action!

What is an Identity Provider (IDP)?

An Identity Provider (IDP) is a system that:

  • Manages user identities and credentials

  • Provides authentication services

  • Issues security tokens to applications

  • Maintains user profile information

Oten IDP is our identity provider system that enables SSO for your applications.

How SSO Works (Simple Version)

How SSO Works

  1. User tries to access any application

  2. Application redirects to Oten IDP

  3. User logs in once at the IDP

  4. IDP confirms identity to all applications

  5. User can access all applications without logging in again

Key Concepts

Authentication vs Authorization

  • Authentication: "Who are you?" (Proving identity)

  • Authorization: "What can you do?" (Permissions and access rights)

SSO primarily handles authentication - proving who you are.

Federated Identity

SSO enables federated identity, where:

  • One identity can be used across multiple systems

  • Trust relationships exist between applications and the IDP

  • User data is shared securely between trusted systems

SSO vs Traditional Login

Traditional Login (Without SSO)

App 1: Username + Password
App 2: Username + Password  
App 3: Username + Password

❌ Multiple passwords to remember ❌ Multiple login processes ❌ Security risks from password reuse

With SSO

Oten IDP: Username + Password

App 1: ✅ Automatically logged in
App 2: ✅ Automatically logged in
App 3: ✅ Automatically logged in

✅ One password to remember ✅ Single login process ✅ Enhanced security

Common SSO Protocols

Oten IDP uses industry-standard protocols:

  • OAuth 2.0: Authorization framework

  • OpenID Connect (OIDC): Identity layer on top of OAuth 2.0

  • SAML: Security Assertion Markup Language (for enterprise - coming soon)

Don't worry about the technical details yet - we'll cover these in the developer sections!

Next: Learn about Why Use SSO? to understand the benefits

PreviousIntroductionNextWhy Use SSO?

Last updated