Nov 19, 2021

How Single Sign-On (SSO) Authentication Works

Modern single sign-on (SSO) is an authentication method that enables users to securely and efficiently authenticate to a variety of IT resources such as networks, devices, servers, applications, and services using a single set of credentials. At JumpCloud®, we refer to modern SSO as True Single Sign-On™ compared to the traditional and outdated version of web application SSO.
The difference here is that web app SSO only connects users to web apps, while True SSO™ allows users to connect to virtually any IT resource via SSO by a variety of open protocols. This allows IT admins to manage identities and access no matter what resources live within their IT ecosystem. Modern SSO also serves other purposes: it improves security along with user and IT productivity, reduces password fatigue and management, streamlines the user experience, prevents Shadow IT, and more.
In this article, we’ll dive into an overview of how single sign-on works, protocols you need to be aware of, how to choose the protocols you need, and how JumpCloud’s SSO solution works.
Single sign-on allows users to authenticate to various IT resources with one username and password combination based on a trusted relationship between each resource and an identity provider (IdP). Typically, this relationship’s foundation stems from a certificate that is exchanged between the resource, also called the service provider (SP), and the IdP when configuring SSO.
The certificate’s purpose is to create a trust relationship between the SP and the IdP to verify the integrity of the information being exchanged. During the single sign-on process, the identity data being pushed from the IdP to the SP takes the form of tokens which contain identifying bits of information about the user. These tokens can be signed with the certificate used when creating the trust relationship.
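
The signed-token check described above, as an added example that is not part of the original post or JumpCloud's code: an IdP signs a token, and the SP verifies it against the key it pinned when SSO was configured, then checks audience and expiry. A bare Ed25519 public key stands in for the exchanged certificate, and the token format, claim names and `example.test` identifiers are constructed for illustration.

```javascript
const crypto = require('crypto');

// IdP signing key pair, constructed for this example. In a deployment the SP holds
// only the public half, delivered in the certificate exchanged at SSO setup.
const idp = crypto.generateKeyPairSync('ed25519');
const SP_TRUSTED_KEY = idp.publicKey;            // pinned when SSO was configured
const SP_AUDIENCE = 'https://app.example.test';  // hypothetical SP identifier
const b64 = (data) => Buffer.from(data).toString('base64url');

// IdP side: serialize the claims and sign those exact bytes.
function issueToken(claims, privateKey) {
  const payload = Buffer.from(JSON.stringify(claims));
  return `${b64(payload)}.${b64(crypto.sign(null, payload, privateKey))}`;
}

// SP side: verify the signature before parsing or trusting any claim.
function verifyToken(token, now = Math.floor(Date.now() / 1000)) {
  const parts = token.split('.');
  if (parts.length !== 2) return { ok: false, reason: 'malformed' };
  const payload = Buffer.from(parts[0], 'base64url');
  const signature = Buffer.from(parts[1], 'base64url');
  if (!crypto.verify(null, payload, SP_TRUSTED_KEY, signature)) {
    return { ok: false, reason: 'bad signature' };
  }
  const claims = JSON.parse(payload.toString('utf8'));
  if (claims.aud !== SP_AUDIENCE) return { ok: false, reason: 'wrong audience' };
  if (typeof claims.exp !== 'number' || claims.exp <= now) return { ok: false, reason: 'expired' };
  return { ok: true, user: claims.sub };
}

// Constructed scenarios: one valid token and four that the SP must reject.
function demo() {
  const now = 1700000000;
  const claims = { sub: 'alice@example.test', aud: SP_AUDIENCE, exp: now + 300 };
  const good = issueToken(claims, idp.privateKey);
  // Payload altered after signing, original signature kept.
  const altered = b64(JSON.stringify({ ...claims, sub: 'admin@example.test' }));
  const tampered = `${altered}.${good.split('.')[1]}`;
  // Token signed by a key the SP never established trust with.
  const rogue = crypto.generateKeyPairSync('ed25519');
  return {
    good: verifyToken(good, now),
    tampered: verifyToken(tampered, now),
    untrusted: verifyToken(issueToken(claims, rogue.privateKey), now),
    otherAud: verifyToken(issueToken({ ...claims, aud: 'https://other.example.test' }, idp.privateKey), now),
    expired: verifyToken(good, now + 301),
  };
}
console.log(demo());
```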
When a user signs into an SSO provider’s portal, the IdP tracks that the user is already authenticated, usually via a session cookie. From there, any resource connected via SSO will check with the SSO provider when a user attempts to access that resource. If (Read more…)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Brenna Lee. Read the original post at: https://jumpcloud.com/blog/single-sign-on-actually-works
