The goal of single sign-on is simple. Remove the need for users to remember a number of passwords to login to their applications.

For an application developer, SSO can enable:

  • A web application wanting to log users in across multiple web assets without re-prompting them to login
  • A user being able to log in to all their applications (on-prem and SaaS) by only typing their password once (or maybe not at all)
  • Removing passwords from applications; reducing risk and aligning SaaS applications with organizational IAM policies

This guide will walk you through the concepts and considerations of authentication, Single Sign-On (SSO) through to federated SSO. Learn what "Federation" means and why open standard federation protocols enable cross-domain identity propagation.

In the following sections, we will provide a background into the protocols, roles and terminology involved in open standard federation protocols and how you as a developer can leverage these protocols to secure and enable identity in your application.