Single Sign-on (SSO)
A single sign-on solution can simplify username and password management for both users and administrators. Users no longer have to keep track of different sets of credentials and can instead remember a single, more complex password. SSO also often lets users reach their applications much faster.
SSO works based upon a trust relationship set up between an application, known as the service provider, and an identity provider.
Traditionally, once a user has registered with our website, we assign them a unique cookie when they log in to our product.
This cookie keeps track of whether the user is logged in and under what name. It also saves login state so that users do not have to re-enter their password on every request.
This happens once per session and lasts until the user ends the session or until the validity period defined for the session expires.
When we use SSO, the username and password are forwarded to the SSO server instead; once it has verified the credentials, a session is started and a session key is generated. That key can then be used jointly by the other associated applications and/or services.
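The flow described above, as an added toy example (not code from the original text): an identity provider checks the credentials once and mints a signed session key; service providers that share a trust secret with it accept the key without ever seeing the password, and reject it once the validity period expires. The user store, secret and application names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
import time

TRUST_SECRET = b"constructed-shared-secret"  # agreed out of band between IdP and service providers
SESSION_TTL = 3600                           # validity period of the session, in seconds

# Constructed user store (username -> hash). Real deployments use a slow password hash.
_USERS = {"alice": hashlib.sha256(b"salt|correct horse").hexdigest()}


def _sign(payload: bytes) -> str:
    return hmac.new(TRUST_SECRET, payload, hashlib.sha256).hexdigest()


def idp_login(username: str, password: str, now=None):
    """Identity provider: verify credentials once and issue a signed session key."""
    now = time.time() if now is None else now
    digest = hashlib.sha256(b"salt|" + password.encode()).hexdigest()
    if not hmac.compare_digest(_USERS.get(username, ""), digest):
        return None
    claims = {"sub": username, "iat": int(now), "exp": int(now) + SESSION_TTL,
              "aud": ["app-a", "app-b"]}     # applications allowed to accept this session
    payload = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
    return f"{payload}.{_sign(payload.encode())}"


def sp_verify(token: str, app_id: str, now=None):
    """Service provider: accept the session key only if signature, audience and expiry hold."""
    now = time.time() if now is None else now
    try:
        payload, sig = token.split(".", 1)
    except ValueError:
        return None
    if not hmac.compare_digest(_sign(payload.encode()), sig):
        return None  # not issued by the trusted identity provider, or tampered with
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if app_id not in claims["aud"] or now >= claims["exp"]:
        return None  # wrong application, or the session validity period has expired
    return claims["sub"]
```

The same token is accepted by every application listed in its audience, which is what lets one login serve several services; the password itself never leaves the identity provider.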
The point we need to pay attention to here is that our users lose some control over their personal data when we rely on SSO, and we should not forget that we are extending the tracking and targeting reach of the big-tech SSO providers to our website's users.
In addition, because we do not control exactly what information is shared with these companies, it becomes difficult for us to comply with transparency and accountability principles.