Single Sign-On (SSO)
Empower your consumers, business customers, and workforce users with a simple, intuitive login experience.
Minimize password resets, user fatigue, and security risks by providing users a simpler, more secure login process.
What is SSO?
SSO allows users to access multiple applications or websites with a single set of credentials. Instead of having to remember different usernames and passwords for each service, users can log in once and gain access to all connected applications.
Benefits of SSO
For Internal Workforce
Organizations use dozens or even hundreds of different applications. Without SSO, users can easily develop password fatigue, leading to login issues from forgotten passwords, increased help desk costs, and elevated risk from password reuse.
SSO minimizes these issues by providing users a simpler, more secure login experience. Organizations also benefit with reduced administrative effort and greater visibility into what users are accessing which resources.
For External Consumers and Business Customers
Customer-facing web pages and mobile apps often connect to multiple backend services and applications to provide the content and features required. Despite this complexity, it’s imperative to deliver a smooth, seamless user experience. If users are forced to log in multiple times, many will simply leave and go elsewhere.
SSO ensures that users face minimal friction due to excessive logins as they navigate through the various components of your customer-facing apps.
How Does SSO Work?
Centralized Authentication
SSO relies on a centralized authentication service that enables all connected apps to confirm users’ identities.
Initial Log In
The user enters their credentials (such as username and password) into the central authentication service. Optionally, organizations can require multifactor authentication to strengthen users’ initial login.
Launch Apps
Through the MyAccount user portal, users can discover which applications are available to them (as configured by the administrator), and conveniently launch them from there.
Token-Based Access
The central authentication service generates a secure token and shares it with other applications. When a user tries to access an app, the token is verified and access is granted. WSO2 supports all major standards including OIDC, OAuth 2.0, and SAML.
Convenient, Secure Access
As long as users remain logged into the central authentication service, they are automatically granted access to connected applications, including third party apps, with no additional logins required.
Simpler Administration
Organizations no longer need to set up and administer user accounts and passwords in each connected application. Help desk tickets due to login problems are dramatically reduced.
Monitoring and Reporting
The centralized authentication system makes it possible to monitor and report on access events, improving organizations’ ability to track who is accessing what, both for compliance and internal management purposes.
