13 Single Sign-On (SSO)

Single Sign-On (SSO) is an authentication approach that enables users to access multiple applications using a single, trusted set of credentials.

Instead of logging in separately to each application, users authenticate once with an Identity Provider (IdP). The IdP then issues secure tokens or assertions that downstream applications accept.

SSO provides the following benefits:

• Better user experience: One login grants access to many applications, reducing repeated sign-ins and login fatigue.
• Stronger security: Fewer passwords to manage, centralized multi-factor authentication (MFA) and policy enforcement, and reduced phishing risk.
• Centralized on-boarding and off-boarding: Employee access can be managed in one place, improving control over application access.
• Consistent compliance and auditing: Unified logs and policies make it easier to meet regulatory requirements and support audits.
• Reduced password sprawl: Encourages modern token-based authentication and lowers the chance of weak or reused passwords.

Enabling SSO for an enterprise is optional and certain prerequisites need to be met. See Prerequisites and Limitations for more details.

• Understanding SSO

  Simphony supports single sign-on for its cloud applications. Learn the common terminology and important prerequisites.

• Configuring SSO

  Enabling and configuring SSO consists of several steps. Follow the instructions starting with creating your identity domain to configuring federation. You can optionally bulk update users to federation status.