How do you login to a website? By entering credentials or verifying yourself via email or any other means? Many websites offer social login which simplifies the authentication process. But nowadays organizations have more than one website that is interrelated to each other. For such organizations earlier mentioned techniques are not much profitable. Users have to login each website independently in order to get access different services. The Web Single Sign-On came into the picture to eliminate the problem.
It is an amazing way of authentication to multiple websites. The solution lets users to access all the web services of a business by login to any of the websites. They don’t need to authenticate all the services individually. If they are logged-in to any of the service protected with WSSO solution they don’t need to login again on any of them.
Hence we see that WSSO is a smooth approach of login to multiple websites of a business. Apart from smooth login experience, the solution is also safe. It is implemented using SAML (security assertion markup language) technology. And SAML is an XML-based solution for web browsers that eliminates the need for service specific passwords.
The working of Single sign-on solution
Here I am going to explain the working of the solution with an example. Suppose a user opens a browser and searches for an online video website named “yourvideo.com”. But the mentioned website doesn’t handle the authentication process. So, it sends an authentication request to the identity provider and the identity provider (IDp)authenticates the request.
The IDp offers an authentication form to the user that he needs to fill the required username and password to get access. Once the user enters the credentials, the IDp generates a SAML token. The token contains the information about the user and redirects the user to service provider, yourvideo in case.
The service provider decrypts the token and extracts the information of the user. Now, the user is able to access all the services of yourvideo and same kind of cookies and sessions of the website.
This is the basic function of SSO. If you have any doubt, please mention it in the comment section.