Single sign-on (SSO) is an authentication mechanism that allows users to securely access different applications and services using a single set of login credentials. The primary benefit of SSO is that users no longer need to remember distinct username and password combinations for each application that they use.
SSO has become increasingly important as software-as-a-service (SaaS) applications and remote work have gained in popularity. SSO provides users with a simple and consistent login experience across applications.
How does SSO work?
SSO is based on the notion of federated identity, which is the sharing of identity attributes across trusted but autonomous systems. When a user is trusted by one system, the user is automatically granted access to other systems via an established trust relationship. This provides the framework for modern SSO solutions, which are enabled through protocols like SAML 2.0.
Identity Providers and Service Providers
An Identity Provider is a federation partner that vouches for the identity of a user while a Service Provider is a federation partner that provides services to the user. The Identity Provider handles the management of user identities and the Service Provider provides application services.
The Identity Provider is set up and configured to store and manage the user identities and credentials. The Identity Provider authenticates the user and then provides an authentication token to the Service Provider.
Each application or service must be registered with the Identity Provider, establishing trust between the systems. The chosen authentication flow (e.g., SAML) then directs authentication requests from the Service Provider to the Identity Provider and handles the exchange of authentication tokens.
Service Providers might also maintain a local account for the user, along with attributes that are unique to the service.
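The registration and token exchange described above imply that the Service Provider checks each token against the trust it registered. The following is an added example (not Ruddr's code and not part of the original article) of the claim checks a Service Provider applies to a SAML 2.0 assertion: issuer, audience, validity window and request correlation. It assumes the assertion's XML signature has already been verified by a SAML library; the entity IDs, request ID and sample assertion are constructed placeholders.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Hypothetical trust registration held by the Service Provider (constructed values).
TRUST = {"idp_entity_id": "https://idp.example.test/metadata", "sp_entity_id": "https://sp.example.test/saml"}

# Constructed sample assertion; the ds:Signature element is omitted (assumed verified upstream).
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_a1" Version="2.0">
  <saml:Issuer>https://idp.example.test/metadata</saml:Issuer>
  <saml:Subject>
    <saml:NameID>user@example.test</saml:NameID>
    <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
      <saml:SubjectConfirmationData InResponseTo="_req42" NotOnOrAfter="2024-01-01T12:05:00Z"/>
    </saml:SubjectConfirmation>
  </saml:Subject>
  <saml:Conditions NotBefore="2024-01-01T11:59:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
    <saml:AudienceRestriction><saml:Audience>https://sp.example.test/saml</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions>
</saml:Assertion>"""

def _ts(value):
    # Assumes second-precision UTC timestamps, as in the constructed sample.
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def _in_window(cond, now):
    try:
        return _ts(cond.get("NotBefore")) <= now < _ts(cond.get("NotOnOrAfter"))
    except (AttributeError, TypeError, ValueError):
        return False  # missing or malformed Conditions fail closed

def check_assertion(xml_text, trust, expected_request_id, now):
    """Return the names of failed checks; an empty list means the claims are acceptable."""
    root = ET.fromstring(xml_text)  # stdlib parser keeps the example offline
    errors = []
    if root.findtext("saml:Issuer", "", NS).strip() != trust["idp_entity_id"]:
        errors.append("issuer")  # token not issued by the registered Identity Provider
    path = "saml:Conditions/saml:AudienceRestriction/saml:Audience"
    audiences = [a.text.strip() for a in root.iterfind(path, NS) if a.text]
    if trust["sp_entity_id"] not in audiences:
        errors.append("audience")  # token was minted for a different Service Provider
    if not _in_window(root.find("saml:Conditions", NS), now):
        errors.append("validity window")  # expired or not yet valid
    scd = root.find(".//saml:SubjectConfirmationData", NS)
    if scd is None or scd.get("InResponseTo") != expected_request_id:
        errors.append("InResponseTo")  # does not answer the request this SP sent
    return errors
```

Each check fails closed, so an assertion with a missing element is rejected rather than accepted by default.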
Configuring SSO in Ruddr
Configuring SSO in Ruddr is a simple process. The steps include creating the authentication provider in workspace settings, configuring the desired Identity Provider (such as Google or Okta), and then finalizing the configuration of Ruddr as the Service Provider.
Ruddr currently supports three Identity Providers, which are:
In addition, Ruddr supports any standard SAML-compliant provider.
See the Identity Provider Setup article and Service Provider Setup article for more information.