Skip to main content
Single Sign-on (SSO)

Learn why Single Sign-on might be the most convenient way for your users to log in, plus a surefire strategy to improve your adoption rates

ClΓ‘udia Duarte avatar
Written by ClΓ‘udia Duarte
Updated over a year ago

Juggling multiple passwords can be stressful, accident-prone, and time-consuming, resulting in the loss of precious productive time due to the hassle of manually logging in to a dozen different platforms and even recovering forgotten passwords. 😣 Moreover, with the advent of cloud migration, users have come to expect seamless access to any resources from anywhere, anytime. At worst, failing to provide this may deter would-be applicants from joining your institution. 😬

Enter Single Sign-on! πŸ™Œ

In this article

(click to jump to topic)

What's Single Sign-on and how does it work?

Single Sign-on (SSO) is a mechanism that allows users to sign up and sign in to various websites and software services with a single set of credentials, acting as a sort of bridge between them. In other words, with SSO, users can safely authenticate themselves across multiple independent apps and websites with a single set of credentials instead of defining and memorising different details for each of these places. πŸ˜ƒ

When you go to Spotify and see the button to "Sign up with Facebook," that's a classic example of a single sign-on solution. Another is being able to access YouTube, Gmail, Google Analytics, and other Google products via a single Google account.

The main difference from traditional login methods is the ease of access. As a centralised login approach, SSO saves time by eliminating the need to reenter one's username and password (or whatever other authentication pair was put in place) and is much easier to manage, as users need only remember one master password and identifier, and, in case they forget them, a single recovery request is sufficient. 😌

Furthermore, with Single Sign-on, users have the option of creating a new account with just a few clicks by selecting their preferred compatible platform (for instance, LinkedIn). That's because, instead of being prompted to enter a password and an identifier, they're redirected to an external identity provider in order to authenticate, whereby, behind the scenes, the said platform will provide just enough data about them to automatically fill in the registration form and verify their identity. Upon receiving proof that the user in question is real, the new account will be created by the service provider. Then, after the first login, SSO will take care of always confirming that the person really is who they claim they are, for once they sign in once, they won't have to do so again. πŸ’«

How does Single Sign-on apply to Full Fabric?

Full Fabric supports Single Sign-on with SAML 2.0. "SAML" stands for "Security Assertion Markup Language" and is a protocol for securely and successfully exchanging user authentication and authorization data from an identity provider to a service provider. ⚑️

Currently, Full Fabric supports social single sign-on via LinkedIn, which you can read about here. Additionally, we provide support for institutional single sign-on through your school's official website. You can find the set-up instructions for the latter by following this link.

Both can be enabled at the same time, letting users decide which they personally prefer. In fact, we strongly recommend that you enable every login method at your disposal, as it tends to increase user adoption rates. πŸ‘¨β€πŸ‘©β€πŸ‘¦β€πŸ‘¦ For security purposes, you may also combine SSO with two-factor authentication (2FA).

Please speak to your client success representative for help with setting up single sign-on. πŸ˜‰

*

You have reached the end of this article. Thanks for reading! πŸ€“ If you have any questions or comments on the topic at hand, or if you enjoy reads like this and have article requests, let us know. Also, please leave a rating below. Your feedback is highly appreciated! πŸ’–
​


PUBLISHED: August 4, 2021
​LAST UPDATED: June 21, 2023 at 3:48 p.m.

Did this answer your question?