RSystems
Back to Glossary

Identity

SSO

Also known as: Single Sign-On

Sign in once and access all connected applications — one identity instead of separate credentials for each service.

SSO — single sign-on — lets people use one identity to access many applications, instead of maintaining a separate username and password for each. Sign in once, and that verified identity carries across the connected services.

There's a spectrum. At the simplest end, "sign in with Google," "sign in with Microsoft," and "sign in with Apple" buttons are a lightweight form of SSO — convenient and identity-based rather than password-based. At the more robust end is true federated single sign-on using protocols like SAML and OIDC, often through a dedicated identity provider, which gives you central control over access and offboarding.

The strategic value is the shift from thinking about your company as a scattering of independent passwords to thinking about it in terms of identities. One important caveat: SSO is tied to your domain name, so it's best turned on once your brand identity is settled, not while you're still workshopping it.

Related Terms

Identity

SAML

The protocol behind enterprise SSO — log into your identity provider once and gain access to connect

Read

Identity

OIDC

A modern SSO standard built on OAuth 2.0 — like SAML but uses JSON instead of XML, designed for both

Read

Identity

SCIM

The standard for automating user provisioning. SAML handles authentication; SCIM handles creating an

Read

Identity

Federation

Lets one identity system trust another so users authenticate across platforms without separate crede

Read