Single Sign-On (SSO) is a system that lets users securely authenticate multiple cloud applications by logging in only once in a managed authentication system.
To learn more about SSO, refer to these articles below.
- SSO Overview
- Implement Single Sign-On for Freshworks
- Terms and definitions to understand SSO better
- Agent SSO and Contact SSO for an Organization
Authentication requests and information is exchanged between SP and IdP via secure and standard protocols such as SAML/OAuth. The applications requesting authentication information are pre-registered with the Identity Provider and use secure signing protocols such as OAuth2/SAML 2.0 to establish trust between these two parties while exchanging information about the user, user's profile and the authentication information.
Here are a few definitions to help you understand this concept better:
Service Provider (SP) provides IT solutions and/or services to end-users and organizations. E.g. Freshworks
Identity Provider (IdP) is a service that stores and verifies user identity. Identity providers offer user authentication as a service. E.g. Google
Open Authorization (OAuth) 2 is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords [Wikipedia].
OpenID Connect (OIDC) is an identity layer that sits on top of OAuth 2. It enables easy verification of the identity of an end-user based on the authentication performed by an authorization server, as well as to obtain basic profile information about the end-user. [Wikipedia]
JSON Web Tokens (JWT) is a compact URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object.
Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.
If you are looking for specific information about SSO for Freshworks or configuration related guides for supported protocols, here is a list of articles for you to read:
- Configure SSO with SAML 2.0
- Configure SAML 2.0 for Freshworks using Okta
- Configure SAML 2.0 for Freshworks using Azure AD
- Configure SAML 2.0 for Freshworks using ADFS
- Configure SAML 2.0 for Freshworks using OneLogin
- Configure SSO with OpenID Connect
- Configure SSO with OAuth 2.0
- Configure SSO with JWT