Single Sign-On (SSO) allows users, who are authenticated against one application, to gain access to multiple other related applications without having to repeatedly authenticate themselves. It also allows the web applications to gain access to a set of back-end services with the logged-in user's access rights, and the back-end services can authorize the user based on different claims like the user role.
This section covers the following topics.
For more information on SAML related terminologies discussed in the sections above, go to Assertions and Protocols for the OASIS SAML 2.0 documentation.