Single Sign On (SSO)
- SSO is like getting a key card at the front desk for the day
- The card is given to you if your credentials are correct (authenticated)
- Card maintains your credentials throughout the day
- Card already knows which rooms you need access to (authorized)
- Managed by the browser’s tokens:
  - Security Assertion Markup Language (SAML 2.0, in XML)
  - OpenID Connect (OIDC, OAuth 2.0, in JSON)
- Vendors are external services such as Okta, OneLogin, and Azure Active Directory