Definition
Single Sign-On (SSO) allows users to authenticate once and access multiple applications without re-entering credentials. Federation protocols (SAML, OIDC) handle the trust relationships between the identity provider (IdP) and the service provider (SP). SSO improves both security (centralized authentication, MFA enforcement at one point) and user experience (no password fatigue). Modern enterprises typically run SSO via a cloud IdP (Microsoft Entra ID, Okta, Ping) that integrates with both internal apps (often via ZTNA) and SaaS apps (direct SAML/OIDC). SSO is a foundational building block for Zero Trust: every access request flows through the IdP for context.
Related terms
- IAM (Identity and Access Management) - Discipline for managing digital identities, authentication, authorization, and access control across enterprise systems.
- MFA (Multi-Factor Authentication) - Authentication requiring two or more independent factors (something you know, have, or are).
- ZTNA (Zero Trust Network Access) - Identity-driven, application-level access to internal apps - the modern replacement for VPN.