WSO2 Identity Server

Single Sign-On with WSO2 Identity Server

The episode explains about SSO through WSO2 Identity Server

Single Sign-On (SSO) is an authentication process that ensures users securely authenticate with multiple applications with one set of login credentials. It means once a user logged into a system, don’t have to log in repeatedly for other every application that is linked with the system. A well-known example application for single sign-on is Google. Google’s method of login for their different applications such as Google, Youtube, Gmail is implemented through a single sign-on process. Once the user logs into one Google’s product they can switch to other products without entering their credentials.

SSO mechanism works based on a trust relationship set up between a service provider(Applications) and an identity provider like WSO2 Identity Server. This trust relationship is normally built upon a digital certificate that is exchanged between the identity provider and the service provider. The certificate is encrypted using the private key of the identity provider. This certificate can be used to sign identity information that is being sent from the identity provider to the service provider so that the service provider knows it is coming from a trusted source. In SSO, this identity data takes the form of tokens which contain identifying information about the user.