SSO
Single sign-on — log in once with your identity provider and access many apps without re-authenticating.
Definition
Single Sign-On lets a user authenticate at a central identity provider (Okta, Microsoft Entra ID, Google Workspace) and then access connected applications without entering credentials again. Behind the scenes, SSO uses SAML or OIDC tokens. Enterprise SaaS sells SSO as a paid add-on; it is the standard control for offboarding access centrally.
When to use
See also
- OAuth — Industry-standard delegation protocol — lets a user authorise an app to access their data without sharing a password.
- MFA — Multi-factor authentication — a second verification step (TOTP, hardware key, push) on top of a password.
- Microsoft Entra ID — Microsoft's cloud identity provider (formerly Azure AD) — the directory behind Microsoft 365 and Azure SSO.