The goal of single sign-on is simple. Remove the need for users to remember a number of passwords to login to their applications.
For an application developer, SSO can enable:
- A web application wanting to log users in across multiple web assets without re-prompting them to login
- A user being able to log in to all their applications (on-prem and SaaS) by only typing their password once (or maybe not at all)
- Removing passwords from applications; reducing risk and aligning SaaS applications with organizational IAM policies
This guide will walk you through the concepts and considerations of authentication, Single Sign-On (SSO) through to federated SSO. Learn what "Federation" means and why open standard federation protocols enable cross-domain identity propagation.
In the following sections, we will provide a background into the protocols, roles and terminology involved in open standard federation protocols and how you as a developer can leverage these protocols to secure and enable identity in your application.