Single Sign-On (SSO) is a system that lets users securely authenticate multiple cloud applications by logging in only once in a managed authentication system. 

To learn more about SSO, refer to these articles below.

Authentication requests and information is exchanged between SP and IdP via secure and standard protocols such as SAML/OAuth. The applications requesting authentication information are pre-registered with the Identity Provider and use secure signing protocols such as OAuth2/SAML 2.0 to establish trust between these two parties while exchanging information about the user, user's profile and the authentication information.

Here are a few definitions to help you understand this concept better: 

  • Service Provider (SP) provides IT solutions and/or services to end-users and organizations. E.g. Freshworks

  • Identity Provider (IdP) is a service that stores and verifies user identity. Identity providers offer user authentication as a service. E.g. Google

  • Open Authorization (OAuth) 2 is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords [Wikipedia]. 

  • OpenID Connect (OIDC) is an identity layer that sits on top of OAuth 2. It enables easy verification of the identity of an end-user based on the authentication performed by an authorization server, as well as to obtain basic profile information about the end-user. [Wikipedia]

  • JSON Web Tokens (JWT) is a compact URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object. 

  • Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.

If you are looking for specific information about SSO for Freshworks or configuration related guides for supported protocols, here is a list of articles for you to read: