Main definitions of the Single Sign-On technology
Single Sign-On, SSO – an access control technology based on using a single resource for user authentication. The technology includes the Single Sign-On, Single Sign-Off (Single Log Out) and Just-In-Time Provisioning methods.
Single Sign-On – the user can access multiple resources after signing in to any of them.
Single Sign-Off (Single Log Out) – the reverse method, which restricts the user’s access to the resources after a single log out operation on any of them.
Just-In-Time Provisioning – automatic registration of user accounts in an application if no accounts exist for an authorized user.
Identity provider – a service that verifies user authenticity based on a contact directory or a response from a specific service. bpm’online implements support for the SAML 2.0 protocol. Any identity provider that supports this protocol is compatible.
Service Provider – a service or system accessed by the user.
Resource – the information that the user requests from the service provider.
User Agent – the user environment: a browser or other client application on the user’s device.
Authentication – the process of verifying the user’s identity.
Authorization – the process of checking permissions for an action or operation.
Federated SSO – an authentication system where the service provider redirects users to the identity provider without receiving any user data.