Single Sign On, SSO Login, Single Sign On Login
Single Sign On, SSO Login, Single Sign On Login: In this tutorial we are going to study clearly about Single Sign On,how to implement SSO in salesforce, what is single sign on, how does single sign works, single sign on definition, Different types of Single sign on, benefits on single sign on, Federated single sign on, Delegate single sign on , Managed service providers, What is saml, saml 2.0 specifications, saml authentication, saml identity providers, saml assertion.
what is single sign on ?
SSO or Single Sign on is the process that allows all networks users to access all authorized network resources through single username and password with out having different usernames and passwords for every resources in the network.
Suppose in an organization there are different number of systems, applications and resources which are to be accessed by every user. To access those resources in that organization the user must login to that application with that username and password. If he wants to access more number of resources it may be difficult to remember those passwords. To eliminate such type of issues SSO is implemented.
Benefits of single sign on
When coming to the benifits of Single sign on we can observe many benifits when Single Sign On is implemented. The following are the benefits to your organization with single sign on.
- It reduces Administration costs : No need to remember all usernames and passwords. Salesforce provides resources and external applications just logged in without asking to enter username or password.
- Leverage existing Investments : Many of the companies uses LDAP data base to manage their users identities to allow authentication to their systems in their organization. Suppose with the user is removed from LDAP system the user is immediately removed and no longer able to login to their systems.
- Time Saving.
- Increased User adoption : User who uses Salesforce are more comfortable to send email messages that contains links to information to salesforce.com.
- Increased Security.
Different types of Single sign on Implementations.
Single Sign On or SSO can be implemented by two ways .
- Federated Authentication.
- Delegate authentication.
What is Federated Single Sign on Authentication.
In salesforce, if Federated single sign on Authentication is enabled then the salesforce does not validate user’s password. Instead of validating user’s password salesforce verifies an insertion in the HTTP POST request and allows single sign on if the assertion is TRUE, if assertion is false salesforce does not allows SSO.
What is Delegate Single sign on Authentication.
Delegate Single Sign-On authentication is the second type of Single sign on in salesforce. If this type is enabled in salesforce allows web services to your organization to establish authentication credentials to the users instead of validating the users passwords.
Authentication providers are those who provide authentication credentials to the users from external service providers. Authentication provide credentials to the users with profiles containing login IP range restrictions, Session Id’s
Here we are required to setup new Authentication providers to establish connection. The process of authentication will be like below steps.
- The users tries to login in to Salesforce using third party identity.
- Then login request is redirected to the third party provider.
- Then the user will be approved to access.
- The Authentication provider redirects the user to salesforce.
- Now the user is logged in to salesforce.