Authentication and Authorization: Where Does SSO Fit In?
Secure environments follow a set of steps to separate the users who have access to network resources from those who do not. Identification, authentication, and authorization are the three foundational verification processes. Yet, despite their similar names, authentication and authorization are separate phases of the security process, and distinguishing between the two is essential for a firm understanding of the subject.
Authentication: validating that users are who they claim to be. This step is usually completed with passwords, one-time PINs, authenticator apps, biometrics, or other factors.
Authorization: granting the user permission to access a specific resource. This is directly tied to access controls and user privilege.
Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites using just one set of credentials (OneLogin Inc.). The service is based on a trust relationship established through the exchange of certificates between a service provider and an identity provider. The certificate validates that the source's identity is trustworthy (in this case, the service provider's) and grants it access to the resources. In SSO, this identity data is carried in tokens containing identifying information about the user's credentials.
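To make the two separate phases concrete, here is an added example (not from the original article or from any SSO vendor) that models the SSO trust relationship described above in Go. The identity provider signs a token with its private key; the service provider holds the identity provider's public key (the half that a certificate exchange would deliver) and uses it to *authenticate* the token, checking signature, issuer, audience and expiry. Only then does the service provider run its own *authorization* policy over the claims. The claim field names, the Ed25519 signature (standing in for the X.509/SAML signature a real deployment would use), and the host names and group names are assumptions made for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Claims carried inside the SSO token. Field names are constructed for this
// example, loosely modelled on a SAML assertion / JWT payload.
type Claims struct {
	Subject  string   `json:"sub"`    // who was authenticated
	Issuer   string   `json:"iss"`    // which IdP vouches for it
	Audience string   `json:"aud"`    // which service provider the token is for
	IssuedAt int64    `json:"iat"`
	Expires  int64    `json:"exp"`
	Groups   []string `json:"groups"` // identity data the SP may use for authorization
}

// Token is the signed payload the IdP hands over for the SP to verify.
type Token struct {
	Payload   []byte
	Signature []byte
}

// IdentityProvider owns the private signing key. The public half is what the
// trust relationship exchanges with each service provider (as a certificate).
type IdentityProvider struct {
	Name string
	priv ed25519.PrivateKey
	Pub  ed25519.PublicKey
}

func NewIdentityProvider(name string) (*IdentityProvider, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &IdentityProvider{Name: name, priv: priv, Pub: pub}, nil
}

// Issue runs after the IdP has authenticated the user (password, OTP, biometrics;
// out of scope here). It binds the claims to one audience and a short lifetime,
// then signs them so the SP can detect any tampering.
func (idp *IdentityProvider) Issue(subject, audience string, groups []string, now time.Time, ttl time.Duration) (Token, error) {
	c := Claims{Subject: subject, Issuer: idp.Name, Audience: audience,
		IssuedAt: now.Unix(), Expires: now.Add(ttl).Unix(), Groups: groups}
	payload, err := json.Marshal(c)
	if err != nil {
		return Token{}, err
	}
	return Token{Payload: payload, Signature: ed25519.Sign(idp.priv, payload)}, nil
}

// ServiceProvider trusts exactly one IdP key and keeps its own access policy.
type ServiceProvider struct {
	Name       string
	TrustedIdP string
	TrustedKey ed25519.PublicKey
	Policy     map[string]string // resource -> group required to access it
}

// Authenticate is the SSO authentication step: accept the token only if it was
// signed by the trusted IdP, names that IdP, is addressed to this SP, and is unexpired.
func (sp *ServiceProvider) Authenticate(tok Token, now time.Time) (*Claims, error) {
	if !ed25519.Verify(sp.TrustedKey, tok.Payload, tok.Signature) {
		return nil, errors.New("signature does not verify against trusted IdP key")
	}
	var c Claims
	if err := json.Unmarshal(tok.Payload, &c); err != nil {
		return nil, err
	}
	if c.Issuer != sp.TrustedIdP {
		return nil, fmt.Errorf("untrusted issuer %q", c.Issuer)
	}
	if c.Audience != sp.Name {
		return nil, fmt.Errorf("token issued for %q, not %q", c.Audience, sp.Name)
	}
	if now.Unix() >= c.Expires {
		return nil, errors.New("token expired")
	}
	return &c, nil
}

// Authorize is the separate step: the SP, not the IdP, decides whether this
// authenticated identity may access the requested resource. Unknown resources
// are denied by default.
func (sp *ServiceProvider) Authorize(c *Claims, resource string) bool {
	need, known := sp.Policy[resource]
	if !known {
		return false
	}
	for _, g := range c.Groups {
		if g == need {
			return true
		}
	}
	return false
}

func main() {
	idp, err := NewIdentityProvider("idp.example")
	if err != nil {
		panic(err)
	}
	sp := &ServiceProvider{Name: "wiki.example", TrustedIdP: idp.Name, TrustedKey: idp.Pub,
		Policy: map[string]string{"/admin": "admins", "/pages": "staff"}}
	now := time.Now()
	tok, _ := idp.Issue("alice", sp.Name, []string{"staff"}, now, 5*time.Minute)
	claims, err := sp.Authenticate(tok, now)
	fmt.Println("authenticated:", err == nil)
	fmt.Println("alice -> /pages:", sp.Authorize(claims, "/pages"))
	fmt.Println("alice -> /admin:", sp.Authorize(claims, "/admin"))
}
```

The point to notice is that a token can pass authentication and still be refused at the resource: a valid signature only proves who the user is and that the trusted identity provider vouches for them, while the audience and expiry checks stop a token minted for one service from being replayed against another. What the user may do remains the service provider's own policy decision.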