Single Sign-On (SSO) is a solution that allows a user to enter his or her credentials just once to access multiple websites. Single Sign-On can ensure a single login and a single profile view. SSO allows employees and administrators to seamlessly access a variety of systems, such as using a third-party HCM service and accessing the PlanSource enrollment experience without logging into both individually. Single Sign-On makes it easier for you to deliver a unified experience.
- User authenticates to identity provider using a single-factor, or multi-factor authentication.
- The Identity Provider issues a SAML token to the User with assertions about the User’s identity. In Mobile devices, and web browsers, the SAML is often issued as embedded BASE64 within the HTML response.
- The User’s browser is redirected from the Identity Provider to the location of the Service Provider. The User’s browser then issues a request to the Service Provider with the SAML token embedded. The Service Provider then inspects the SAML token and its contents to determine validity based on the trust relationship with the Identity Provider. The Service Provider then provides access to the various online banking applications based on the SAML assertion statements included in the token.
Updated about a year ago