What is Single Sign-On
Single Sign-On (SSO) means that the user only needs to enter the username and password once; after authenticating in any application, they can access all mutually trusted application systems without logging in again.
SSO vs Unified Authentication
| Dimension | Unified Authentication | Single Sign-On |
|---|---|---|
| Core Goal | One account/password to access all apps | One login, access everywhere |
| User Experience | Remember one password | No need to repeatedly enter password |
| Relationship | Basic capability | Experience upgrade based on unified authentication |
It can be understood like this: unified authentication solves the problem of "too many passwords"; single sign-on further solves the problem of "repeated login" on this basis.
Typical Application Scenarios
- In the morning, an employee opens an office computer, logs in to the enterprise portal, and can directly enter mail, OA, HR systems, and others, without entering the password again throughout the process.
- After partners log in to the supply chain platform, they can directly jump to procurement systems, reconciliation systems, and others.
- After consumers log in to an e-commerce App, they can directly enter the membership center, points mall, customer service system, and others.
Implementation Methods
BambooCloud IDaaS supports SSO through multiple standard protocols:
- OIDC: first choice for modern apps, identity layer based on OAuth 2.0
- SAML: standard solution for enterprise Web app SSO
- CAS: protocol widely used in domestic universities and government systems
- OAuth 2.0: applicable to third-party application authorization scenarios
Different protocols apply to different types of applications. BambooCloud IDaaS provides a unified configuration interface, and administrators can flexibly choose according to application characteristics.