When Problem arises
When users have trouble remembering all of their passwords for various applications, despite the presence of a “Forgot your password” button on the Salesforce login screen, some users are unaware of it.
Here comes the Solution to fix the Problem
Single Sign-On (SSO) is simple, sign in to one system, and all of the other applications you require are automatically signed in. Fewer passwords, fewer headaches, and less lethargy should allow you to focus on what you want to do rather than getting bogged down with administrative tasks like looking for your password clue.
We will have account-level access to Google’s many web applications, such as Google Docs, Google Maps, Google Books, and so on, by signing in to Gmail.
Features Of SSO
- Simple Management
SSO synchronises passwords and user information, making it easier to access many platforms and resources.
The security of the network and applications is improved with this authentication solution. SSO provides encrypted data that is transferred across the web.
SSO solutions improve the user experience by reducing the number of disruptions caused by password queries for significant IT resources.
Due to sign-in automation, access to all applications is seamless.
Pros and Cons Of SSO
1. Increased user adoption, with consumers opting to sign in if they can’t remember the @$ 123 passwords.
2. The cost is lower because there are more minor support requests.
3. Saves time: each user login takes only 10-20 seconds, and there is no need to type.
4. In terms of security, only one password is required for multiple applications.
1.Access to connected systems is lost if SSO fails.
2. Using a single password raises the risk of password compromise.
3. User external accesses identity spoofing
How does SSO work?
SSO is predicated on establishing a trust relationship between a service provider and an identity provider, such as OneLogin. This trust relationship is frequently shown by exchanging a certificate between the identity provider and the service provider. Certification can be used to sign identity information sent from the identity provider to the service provider, ensuring that the service provider receives it from a reliable source. This identifying data is usually stored of tokens in SSO, which contain identifying information about the user such as an email address or a username.
The login flow usually looks like this:
1. The user visits the Service Provider, the programme or website to which they desire access.
2. As part of a request to authenticate the user, the Service Provider gives the SSO system, aka the Identity Provider, a token containing some information about the user, such as their email address.
3. If the user has previously been verified, the Identity Provider grants access to the Service Provider application and skips to step 5.
4. If the user has not yet logged in, they will be asked to enter the Identity Provider’s credentials. It can be as simple as a username and password, or it could contain more information.
5. Once the Identity Provider has verified the credentials. It will return a token to the Service Provider, indicating that the authentication was successful.
6. The Service Provider receives this token through the user’s browser.
7. The Service Provider validates the token received based on the trust relationship established between the Service Provider and the Identity Provider during the initial configuration.
8. The Service Provider gives the user access.
It is possible to have many accesses with a single account using the Single Sign-On identity mechanism i.e Single Sign On with Google. To sum up ,the blog contains info regarding features,pros and cons with how SSO work also included.