Authentication with SSO relies on a trust relationship between domains (websites). With single sign-on, this is what happens when you log in to an app or website:
- The website first checks to see whether you have already been authenticated by the SSO solution, in which case it gives you access to the site.
- If you haven’t, it sends you to the SSO solution to log in.
- You enter the single username/password that you use for corporate access.
- The SSO solution requests authentication from the identity provider or authentication system that your company uses. It verifies your identity and notifies the SSO solution.
- The SSO solution passes authentication data to the website and returns you to that site.
- After logging in, the site passes authentication verification data with you as you move through the site to verify that you are authenticated each time you go to a new page.
Illustration of how SSO works