Single sign-on allows users to access multiple services with a single login. By using Single sign-on, the user doesn't need to remember the number of usernames and passwords. Before SAML, products support single sign-on by using browser cookies. User authentication state information is maintained in browser cookies so that re-authentication is not required each time the web user accesses the system. One problem with cookies is, cookies are not transmitted between different domains. With this mechanism, users only have to enter one set of credentials to access their web apps. This greatly increases productivity while keeping data secure. It enables password security and multi-factor authentication ensuring that only authorized users get access to sensitive data.
The sequence of events goes like this:
With this information, the user can then request the resource he is interested in again. The resource is finally returned to the user.
The diagram beside illustrates the single sign-on flow for service provider-initiated SSO, i.e. when an application triggers SSO.
Component space SDK succor the integration of SAML single sign-on with easy and comprehensible APIs. It provides seamless, secure access to cloud and corporate web applications using a single username and password.