{"id":5834,"date":"2023-06-25T11:44:43","date_gmt":"2023-06-25T11:44:43","guid":{"rendered":"https:\/\/youngitconsulting.de\/staging\/2187\/?p=5834"},"modified":"2023-07-08T08:01:35","modified_gmt":"2023-07-08T08:01:35","slug":"understanding-sso-part-1","status":"publish","type":"post","link":"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/","title":{"rendered":"Understanding SSO &#8211; Part 1"},"content":{"rendered":"<h2 class=\"reader-text-block__heading1\">Understanding SSO concepts<\/h2>\n<p class=\"reader-text-block__paragraph\">To better understand SSO, we first look at the evolution of authentication.<\/p>\n<h3 class=\"reader-text-block__heading2\"><strong>1) Simple authentication architecture (Without SSO)<\/strong><\/h3>\n<p>&nbsp;<\/p>\n<p><img data-recalc-dims=\"1\" fetchpriority=\"high\" decoding=\"async\" class=\"aligncenter wp-image-5837 size-full\" src=\"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso2.png?resize=1360%2C554&#038;ssl=1\" alt=\"\" width=\"1360\" height=\"554\" srcset=\"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso2.png?w=1360&amp;ssl=1 1360w, https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso2.png?resize=300%2C122&amp;ssl=1 300w, https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso2.png?resize=1024%2C417&amp;ssl=1 1024w, https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso2.png?resize=768%2C313&amp;ssl=1 768w\" sizes=\"(max-width: 1000px) 100vw, 1000px\" \/><\/p>\n<ul>\n<li>There is a client (who is using the browser).<\/li>\n<li>There is a server (which is basically a web server for the application).<\/li>\n<li>The client calls the login page and enters the credentials.<\/li>\n<li>The server authenticates the credentials against the DB.<\/li>\n<li>Once authentication succeeds, a session cookie is 
established between the client and server.<\/li>\n<\/ul>\n<h3 class=\"reader-text-block__heading2\"><strong>2) Generic SSO architecture<\/strong><\/h3>\n<p>&nbsp;<\/p>\n<p><img data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter wp-image-5839 size-full\" src=\"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso3.jpeg?resize=1330%2C822&#038;ssl=1\" alt=\"\" width=\"1330\" height=\"822\" srcset=\"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso3.jpeg?w=1330&amp;ssl=1 1330w, https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso3.jpeg?resize=300%2C185&amp;ssl=1 300w, https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso3.jpeg?resize=1024%2C633&amp;ssl=1 1024w, https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso3.jpeg?resize=768%2C475&amp;ssl=1 768w\" sizes=\"(max-width: 1000px) 100vw, 1000px\" \/><\/p>\n<p>&nbsp;<\/p>\n<ol>\n<li>The first call made to the web application is redirected to the identity provider (IdP) login page.<\/li>\n<li>The user enters the credentials via the browser and gets back the token from the identity provider (IdP).<\/li>\n<li>The token is sent to the web application.<\/li>\n<li>The web app has a trust relationship with the IdP, or holds a key from the identity provider (IdP), which is used to check the validity of the token.<\/li>\n<li>Once the validation succeeds, the web application puts a session cookie on the browser and the connection is established.<\/li>\n<\/ol>\n<h3 class=\"reader-text-block__heading2\">3) Understanding the Protocols<\/h3>\n<p class=\"reader-text-block__paragraph\">Now that we have understood the basic SSO mechanism, it is time to get an understanding of the underlying authentication protocols.<\/p>\n<p class=\"reader-text-block__paragraph\">Whenever we talk about SSO, we quite often hear about SAML, OpenID Connect, 
OAuth2, OIDC, etc.<\/p>\n<p class=\"reader-text-block__paragraph\">Let&#8217;s try to understand these:<\/p>\n<ul>\n<li>First things first: OpenID Connect and OIDC are the same protocol, so let&#8217;s not get confused over that.<\/li>\n<li>Second, while OAuth 2.0 is an\u00a0<strong>authorization<\/strong>\u00a0protocol, OIDC is an identity\u00a0<strong>authentication<\/strong>\u00a0protocol.<\/li>\n<li>Third, the OpenID Connect (OIDC) protocol is built over the OAuth 2.0 protocol and helps authenticate users and convey information about them.<\/li>\n<li>SAML is an XML-based protocol and OIDC is a JSON-based protocol.<\/li>\n<li>SAML has been in the industry for a long time, so it is quite mature but at the same time complex.<\/li>\n<li>SAML has the highest security standard, whereas OIDC is moderate.<\/li>\n<li>OIDC comes out on top in terms of user friendliness and implementation.<\/li>\n<\/ul>\n<p class=\"reader-text-block__paragraph\">So I hope you got the gist now, i.e. SAML and OIDC can be used for identity authentication. 
These two protocols are therefore also used for SSO implementations.<\/p>\n<h3 class=\"reader-text-block__heading2\">4) Differences between SAML and OIDC<\/h3>\n<p>&nbsp;<\/p>\n<p><img data-recalc-dims=\"1\" decoding=\"async\" class=\"alignright wp-image-5841 size-full\" src=\"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso4.jpeg?resize=722%2C252&#038;ssl=1\" alt=\"\" width=\"722\" height=\"252\" srcset=\"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso4.jpeg?w=722&amp;ssl=1 722w, https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso4.jpeg?resize=300%2C105&amp;ssl=1 300w\" sizes=\"(max-width: 722px) 100vw, 722px\" \/><\/p>\n<p>&nbsp;<\/p>\n<div data-scaffold-immersive-reader-content=\"\">\n<div>\n<div class=\"reader-article-content reader-article-content--content-blocks\" dir=\"ltr\">\n<h3 class=\"reader-text-block__heading2\">Stay tuned to check more about SSO in our next article&#8230;<\/h3>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Understanding SSO concepts To better understand SSO, we first look at the evolution of authentication. 1) Simple authentication architecture (Without SSO) &nbsp; There is a client (who is using the browser). There is a server (which is basically a web server for the application). The client calls the login page and enters the credentials. The server authenticates the credentials against the DB. Once authentication succeeds, a session cookie is established between the client and server. 2) Generic SSO architecture &nbsp; &nbsp; The first call made to the web application is redirected to the identity provider (IdP) login page. The user enters the credentials via the browser and gets back the token from the identity provider (IdP). The token is sent to the web application. 
The web app has a trust relationship with the IdP, or holds a key from the identity provider (IdP), which is used to check the validity of the token. Once the validation succeeds, the web application puts a session cookie on the browser and the connection is established. 3) Understanding the Protocols Now that we have understood the basic SSO mechanism, it is time to get an understanding of the underlying authentication protocols. Whenever we talk about SSO, we quite often hear about SAML, OpenID Connect, OAuth2, OIDC, etc. Let&#8217;s try to understand these: First things first: OpenID Connect and OIDC are the same protocol, so let&#8217;s not get confused over that. Second, while OAuth 2.0 is an\u00a0authorization\u00a0protocol, OIDC is an identity\u00a0authentication\u00a0protocol. Third, the OpenID Connect (OIDC) protocol is built over the OAuth 2.0 protocol and helps authenticate users and convey information about them. SAML is an XML-based protocol and OIDC is a JSON-based protocol. SAML has been in the industry for a long time, so it is quite mature but at the same time complex. SAML has the highest security standard, whereas OIDC is moderate. OIDC comes out on top in terms of user friendliness and implementation. So I hope you got the gist now, i.e. SAML and OIDC can be used for identity authentication. These two protocols are therefore also used for SSO implementations. 
4) Differences between SAML and OIDC &nbsp; &nbsp; Stay tuned to check more about SSO in our next article&#8230;<\/p>\n","protected":false},"author":1,"featured_media":5836,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"nf_dc_page":"","om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[121,118],"tags":[62,64,71,69,67,65,25,30,40,63,68,70,66,60],"class_list":["post-5834","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-mobile","category-react","tag-business-portal","tag-drupal","tag-identity-provider","tag-idp","tag-java-portal","tag-joomla","tag-liferay","tag-liferay-dxp","tag-liferay-dxp-7-4","tag-liferay-portal","tag-sso","tag-token","tag-web-development","tag-wordpress"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Understanding SSO - Part 1 -<\/title>\n<meta name=\"robots\" content=\"index, follow, 
max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Understanding SSO - Part 1 -\" \/>\n<meta property=\"og:description\" content=\"Understanding SSO concepts To better understand SSO we first understand the evolution of authentication . 1) Simple authentication architecture (Without SSO) &nbsp; There is a client (who is using the browser). There is a server (which is basically a web server for the application) . Client calls the login page and enters the Credentials . Server authenticates the credentials again the DB . Once authentication succeeds a session cookies is established between the client and server . 2) Generic SSO architecture &nbsp; &nbsp; The First call made to the web-application is redirected to the Identity provider (IdP) login page. User enters the credentials via browser and get back the token from the Identity provider (IdP). Token is sent to the Web application . Web app had a trust relationship with Idp or can have a key from Identity Provider (IdP) which is used to check the validity of the token. Once the validation succeeds the Web application puts a session cookie on the browser and the connection is established . 3) Understanding the Protocols Now since we have understood the basic SSO mechanism , now is the time to get an understanding of the underlying authentication protocols used . whenever we talk SSO we quite often hear about SAML , Open ID Connect , OAuth2 , OIDC etc. Lets try to understand these First thing first we need to understand that Open ID Connect and OIDC are the same protocol , so let&#8217;s not confusion over that . Second important point is While OAuth 2.0 is an\u00a0authorization\u00a0protocol, OIDC is an identity\u00a0authentication\u00a0protocol . 
Third point we need to know is The OpenID Connect (OIDC) protocol is built over the OAuth 2.0 protocol and helps authenticate users and convey information about them . SAML is XML based and OIDC is JSON based protocol SAML is quite old is Industry hence is quite matured but at the same time Complex . SAML has highest security standard where as OIDC is moderate OIDC is top in sense of user friendliness and implementations So I hope you got the gist now i.e. SAML and OIDC can be used for identity authentication. These 2 protocols hence are also used for SSO implementations . 4) Differences between SAML and OIDC &nbsp; &nbsp; Stay tuned to check more about SSO in our next article&#8230;\" \/>\n<meta property=\"og:url\" content=\"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-06-25T11:44:43+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-07-08T08:01:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"752\" \/>\n\t<meta property=\"og:image:height\" content=\"305\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"YoungIT\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"YoungIT\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/understanding-sso-part-1\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/understanding-sso-part-1\\\/\"},\"author\":{\"name\":\"YoungIT\",\"@id\":\"http:\\\/\\\/izg.tnd.mybluehost.me\\\/#\\\/schema\\\/person\\\/b46ed295bea3af3f3a4c263e64c82686\"},\"headline\":\"Understanding SSO &#8211; Part 1\",\"datePublished\":\"2023-06-25T11:44:43+00:00\",\"dateModified\":\"2023-07-08T08:01:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/understanding-sso-part-1\\\/\"},\"wordCount\":371,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/understanding-sso-part-1\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/youngitconsulting.de\\\/staging\\\/2187\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/sso1.png?fit=752%2C305&ssl=1\",\"keywords\":[\"Business portal\",\"Drupal\",\"Identity provider\",\"IDP\",\"Java portal\",\"Joomla\",\"Liferay\",\"Liferay DXP\",\"Liferay DXP 7.4\",\"Liferay portal\",\"SSO\",\"Token\",\"web development\",\"Wordpress\"],\"articleSection\":[\"Mobile\",\"React\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/understanding-sso-part-1\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/understanding-sso-part-1\\\/\",\"url\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/understanding-sso-part-1\\\/\",\"name\":\"Understanding SSO - Part 1 
-\",\"isPartOf\":{\"@id\":\"http:\\\/\\\/izg.tnd.mybluehost.me\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/understanding-sso-part-1\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/understanding-sso-part-1\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/youngitconsulting.de\\\/staging\\\/2187\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/sso1.png?fit=752%2C305&ssl=1\",\"datePublished\":\"2023-06-25T11:44:43+00:00\",\"dateModified\":\"2023-07-08T08:01:35+00:00\",\"author\":{\"@id\":\"http:\\\/\\\/izg.tnd.mybluehost.me\\\/#\\\/schema\\\/person\\\/b46ed295bea3af3f3a4c263e64c82686\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/understanding-sso-part-1\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/understanding-sso-part-1\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/understanding-sso-part-1\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/youngitconsulting.de\\\/staging\\\/2187\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/sso1.png?fit=752%2C305&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/youngitconsulting.de\\\/staging\\\/2187\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/sso1.png?fit=752%2C305&ssl=1\",\"width\":752,\"height\":305},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/understanding-sso-part-1\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Understanding SSO &#8211; Part 
1\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\\\/\\\/izg.tnd.mybluehost.me\\\/#website\",\"url\":\"http:\\\/\\\/izg.tnd.mybluehost.me\\\/\",\"name\":\"\",\"description\":\"IT Consulting , Liferay DXP , Salesforce , Java Consulting\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\\\/\\\/izg.tnd.mybluehost.me\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"http:\\\/\\\/izg.tnd.mybluehost.me\\\/#\\\/schema\\\/person\\\/b46ed295bea3af3f3a4c263e64c82686\",\"name\":\"YoungIT\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/45f6160db01519229a2463b514b42085e51d1816913b18ffa5181a439cc7999c?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/45f6160db01519229a2463b514b42085e51d1816913b18ffa5181a439cc7999c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/45f6160db01519229a2463b514b42085e51d1816913b18ffa5181a439cc7999c?s=96&d=mm&r=g\",\"caption\":\"YoungIT\"},\"sameAs\":[\"http:\\\/\\\/box2537\\\/cgi\\\/addon_GT.cgi?s=GT::WP::Install::EIG+%28izgtndmy%29+-+127.0.0.1+%5Bnocaller%5D\"],\"url\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/author\\\/izgtndmy\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Understanding SSO - Part 1 -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/","og_locale":"en_US","og_type":"article","og_title":"Understanding SSO - Part 1 -","og_description":"Understanding SSO concepts To better understand SSO we first understand the evolution of authentication . 
1) Simple authentication architecture (Without SSO) &nbsp; There is a client (who is using the browser). There is a server (which is basically a web server for the application) . Client calls the login page and enters the Credentials . Server authenticates the credentials again the DB . Once authentication succeeds a session cookies is established between the client and server . 2) Generic SSO architecture &nbsp; &nbsp; The First call made to the web-application is redirected to the Identity provider (IdP) login page. User enters the credentials via browser and get back the token from the Identity provider (IdP). Token is sent to the Web application . Web app had a trust relationship with Idp or can have a key from Identity Provider (IdP) which is used to check the validity of the token. Once the validation succeeds the Web application puts a session cookie on the browser and the connection is established . 3) Understanding the Protocols Now since we have understood the basic SSO mechanism , now is the time to get an understanding of the underlying authentication protocols used . whenever we talk SSO we quite often hear about SAML , Open ID Connect , OAuth2 , OIDC etc. Lets try to understand these First thing first we need to understand that Open ID Connect and OIDC are the same protocol , so let&#8217;s not confusion over that . Second important point is While OAuth 2.0 is an\u00a0authorization\u00a0protocol, OIDC is an identity\u00a0authentication\u00a0protocol . Third point we need to know is The OpenID Connect (OIDC) protocol is built over the OAuth 2.0 protocol and helps authenticate users and convey information about them . SAML is XML based and OIDC is JSON based protocol SAML is quite old is Industry hence is quite matured but at the same time Complex . SAML has highest security standard where as OIDC is moderate OIDC is top in sense of user friendliness and implementations So I hope you got the gist now i.e. 
SAML and OIDC can be used for identity authentication. These 2 protocols hence are also used for SSO implementations . 4) Differences between SAML and OIDC &nbsp; &nbsp; Stay tuned to check more about SSO in our next article&#8230;","og_url":"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/","article_published_time":"2023-06-25T11:44:43+00:00","article_modified_time":"2023-07-08T08:01:35+00:00","og_image":[{"width":752,"height":305,"url":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso1.png","type":"image\/png"}],"author":"YoungIT","twitter_card":"summary_large_image","twitter_misc":{"Written by":"YoungIT","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/#article","isPartOf":{"@id":"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/"},"author":{"name":"YoungIT","@id":"http:\/\/izg.tnd.mybluehost.me\/#\/schema\/person\/b46ed295bea3af3f3a4c263e64c82686"},"headline":"Understanding SSO &#8211; Part 1","datePublished":"2023-06-25T11:44:43+00:00","dateModified":"2023-07-08T08:01:35+00:00","mainEntityOfPage":{"@id":"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/"},"wordCount":371,"commentCount":0,"image":{"@id":"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso1.png?fit=752%2C305&ssl=1","keywords":["Business portal","Drupal","Identity provider","IDP","Java portal","Joomla","Liferay","Liferay DXP","Liferay DXP 7.4","Liferay portal","SSO","Token","web 
development","Wordpress"],"articleSection":["Mobile","React"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/","url":"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/","name":"Understanding SSO - Part 1 -","isPartOf":{"@id":"http:\/\/izg.tnd.mybluehost.me\/#website"},"primaryImageOfPage":{"@id":"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/#primaryimage"},"image":{"@id":"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso1.png?fit=752%2C305&ssl=1","datePublished":"2023-06-25T11:44:43+00:00","dateModified":"2023-07-08T08:01:35+00:00","author":{"@id":"http:\/\/izg.tnd.mybluehost.me\/#\/schema\/person\/b46ed295bea3af3f3a4c263e64c82686"},"breadcrumb":{"@id":"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/#primaryimage","url":"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso1.png?fit=752%2C305&ssl=1","contentUrl":"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso1.png?fit=752%2C305&ssl=1","width":752,"height":305},{"@type":"BreadcrumbList","@id":"https:\/\/youngitconsulting.de\/staging\/2187\/understanding-sso-part-1\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/youngitconsulting.de\/staging\/2187\/"},
{"@type":"ListItem","position":2,"name":"Understanding SSO &#8211; Part 1"}]},{"@type":"WebSite","@id":"http:\/\/izg.tnd.mybluehost.me\/#website","url":"http:\/\/izg.tnd.mybluehost.me\/","name":"","description":"IT Consulting , Liferay DXP , Salesforce , Java Consulting","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/izg.tnd.mybluehost.me\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"http:\/\/izg.tnd.mybluehost.me\/#\/schema\/person\/b46ed295bea3af3f3a4c263e64c82686","name":"YoungIT","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/45f6160db01519229a2463b514b42085e51d1816913b18ffa5181a439cc7999c?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/45f6160db01519229a2463b514b42085e51d1816913b18ffa5181a439cc7999c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/45f6160db01519229a2463b514b42085e51d1816913b18ffa5181a439cc7999c?s=96&d=mm&r=g","caption":"YoungIT"},"sameAs":["http:\/\/box2537\/cgi\/addon_GT.cgi?s=GT::WP::Install::EIG+%28izgtndmy%29+-+127.0.0.1+%5Bnocaller%5D"],"url":"https:\/\/youngitconsulting.de\/staging\/2187\/author\/izgtndmy\/"}]}},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/sso1.png?fit=752%2C305&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/posts\/5834","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/y
oungitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/comments?post=5834"}],"version-history":[{"count":5,"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/posts\/5834\/revisions"}],"predecessor-version":[{"id":5849,"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/posts\/5834\/revisions\/5849"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/media\/5836"}],"wp:attachment":[{"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/media?parent=5834"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/categories?post=5834"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/tags?post=5834"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}