What is single sign-on(SSO) in Salesforce?

Hi Shradha,

Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials to access multiple applications. The service authenticates the end user for all the applications the user has been given rights to and eliminates further prompts when the user switches applications during the same session. On the back end, SSO is helpful for logging user activities as well as monitoring user accounts.

Benefits of using single sign-on include:

1. User passwords are not stored or managed externally.
2. Reduce password fatigue from different user name and password combinations.
3. Reduce time spent re-entering passwords for the same identity.
4. Reduce IT costs due to lower number of IT help desk calls about passwords.

Single Sign-On (SSO) is a feature that connects multiple applications through one password. It makes life simple, by eliminating the need to remember multiple passwords, and allows you to login once and access many systems.

Federated authentication using Security Assertion Markup Language (SAML) lets you send authentication and authorization data between affiliated but unrelated web services. You can log in to Salesforce from a client app. Salesforce enables federated authentication for your org automatically.
Delegated authentication SSO integrates Salesforce with an authentication method that you choose. You can integrate authentication with your LDAP (Lightweight Directory Access Protocol) server or use a token instead of a password for authentication. You manage delegated authentication at the permission level, not at the org level, giving you more flexibility. With permissions, you can require some to use delegated authentication while others use their Salesforce-managed password.

Authentication providers let your users log in to your Salesforce org using their login credentials from an external service provider. Salesforce supports the OpenID Connect protocol, which lets users log in from any OpenID Connect provider, such as Google, PayPal, and LinkedIn. When an authentication provider is enabled, Salesforce doesn’t validate a user’s password. Instead, Salesforce uses the user’s login credentials from the external service provider to establish authentication credentials.

• This reply was modified 6 years, 2 months ago by  chanchal kumar.

Hi,

To get it more simple, it is process of login without providing the credentials, where we setup the configuration in Source Org(Identity provider) to get into target org(service provider). Identity provider is kind of credential saver for different applications(service providers).

Hope this helps.