𝗦𝗦𝗢 (𝗦𝗶𝗻𝗴𝗹𝗲 𝗦𝗶𝗴𝗻-𝗢𝗻) 𝗲𝘅𝗽𝗹𝗮𝗶𝗻𝗲𝗱

SSO is an authentication process that allows users to access multiple apps with a single master key.

This is accomplished using a central authentication server that stores the user's credentials and verifies them for each application.

Here are 𝘁𝗵𝗲 𝘀𝘁𝗲𝗽𝘀 that happen if you want to access the Trello web app by using your Google account:

1. Use the Trello login web page and select Google account as a login method

2. Trello redirects the user to the Google login page

3. User is served with the Google login page

4. The user enters their Google credentials

5. Google sends authentication info to the SSO Authorization server

6. If credentials are valid, the Authorization server returns the auth token (SAML)

7. Google sends the auth token to the Trello

8. In the last step, Trello sends the token to the Google Authentication server to validate its

9. If the token is valid, Trello will allow access to the user and store the session for future interactions

✅ The 𝗯𝗲𝗻𝗲𝗳𝗶𝘁𝘀 of SSO are:

🔹 Improved user experience. Users do not need to remember multiple usernames and passwords.

🔹 Increased security. Users are less likely to reuse passwords across applications.

❌ The 𝗱𝗶𝘀𝗮𝗱𝘃𝗮𝗻𝘁𝗮𝗴𝗲𝘀 are:

🔸 Single point of failure. One of the most notable disadvantages is that SSO creates a single point of failure. If the SSO system is compromised, the attacker could access all connected applications and services.

🔸Security risks. If credentials are compromised, the security of all connected applications could be at risk.

Some 𝗰𝗼𝗺𝗺𝗼𝗻 𝘁𝘆𝗽𝗲𝘀 𝗼𝗳 𝗦𝗦𝗢 are:

🔹 𝗦𝗔𝗠𝗟-𝗯𝗮𝘀𝗲𝗱 𝗦𝗦𝗢. This is the most common type of SSO. It uses the SAML protocol to exchange authentication information between the SSO server and applications.

🔹 𝗢𝗽𝗲𝗻𝗜𝗗 𝗖𝗼𝗻𝗻𝗲𝗰𝘁. This is a newer SSO type based on OAuth 2.0. It is a more straightforward protocol than SAML and is easier to integrate with web applications.

And 𝗽𝗼𝗽𝘂𝗹𝗮𝗿 𝗦𝗦𝗢 𝘀𝗼𝗹𝘂𝘁𝗶𝗼𝗻𝘀 are:

➡️ Azure Active Directory

➡️ Okta

➡️ Ping Identity

➡️ OneLogin

➡️ Google Cloud Identity Platform