SSO (Single Sign-On)

SSO is an authentication system where logging in once automatically grants you access to other connected services and sites.
For example, using your Google account to log in to other apps and websites is a form of SSO.
It eliminates the need to re-enter your password for each service, while centralizing authentication management in one place.

Behind the scenes, two roles work together: the IdP and the SP.
The IdP (Identity Provider) is the party that verifies who you are. The SP (Service Provider) is the party that delivers the service.
When a user authenticates with the IdP, a "ticket" is issued as proof of identity.
Whenever the user accesses a connected SP, that ticket is automatically presented, granting secure access without a separate login.

To ensure this ticket exchange happens reliably, standard protocols like SAML and OIDC are used.
This allows services from different organizations to integrate securely with each other.

For organizations, one major benefit is the ability to centralize employee account management.
Not only does it prevent the risk of users reusing passwords across services, but when an employee leaves, disabling their central account immediately cuts off new logins to all connected services.
Because it strengthens security while reducing administrative overhead, SSO is widely adopted in enterprise environments.