Authentication with SSO relies on a trust relationship between domains (websites). With single sign-on, this is what happens when you log in to an app or website:
The website first checks to see whether you have already been authenticated by the SSO solution, in which case it gives you access to the site.
If you haven’t, it sends you to the SSO solution to log in.
You enter the single username/password that you use for corporate access.
The SSO solution requests authentication from the identity provider or authentication system that your company uses. It verifies your identity and notifies the SSO solution.
The SSO solution passes authentication data to the website and returns you to that site.
After logging in, the site passes authentication verification data with you as you move through the site to verify that you are authenticated each time you go to a new page.
Illustration of how SSO works