What is Desktop SSO?
What is Desktop SSO?
Single sign-on, commonly abbreviated as SSO, is a login method wherein one singular login through a given portal provides access to multiple accounts and applications.

Instead of logging in separately for each and every account, SSO makes one login the point of access for every account thereafter.

From an enterprise perspective, SSOs can recover precious productive time previously lost to the drudgery of logging in to half a dozen different accounts. But just as they shouldn’t be so easily dismissed, they shouldn’t be so quickly adopted, either; there are advantages and disadvantages to keep in mind before deciding whether SSO is a fitting option for your enterprise. Let’s review both.
What is SSO?
Single Sign-on (SSO) is a form of access control wherein a single authentication can provide access to multiple separate software services. This allows a user to use a single set of credentials to access multiple services and simplifies the user access control.
What are the benefits of SSO?
SSO simplifies user management, reduces password fatigue, makes ITs job easier, and can enforce MFA for every application provided. In essence, it reduces friction by a large factor.
Is SSO more secure?
Passwords are a primary attack target for bad actors. Multiple passwords effectively provide multiple points of entry. SSO conversely reduces this attack surface by limiting login to a single set of credentials and improves your overall security.

With only one access point per user, the enterprise perimeter is also made ultra-obvious. Tracking user behavior and access attempts are simplified, allowing more time and energy to be directed towards protecting and fortifying the perimeter instead of simply monitoring it.
Can SSO be passwordless?
Since the Identity Provider is responsible for authentication, it can use a passwordless mechanism, thus allowing for passwordless SSO.

What are the benefits of continuous authorization in a world of SSO? Continuous authentication limits compromise of the Identity Provider (Idp) leading to access of all SSO applications.
What is SAML?
Security Assertion Markup Language (SAML) is a standardized XML-based SSO protocol used for the exchange of authentication data.
How does SAML authentication work?
There are two main entities involved in the SAML protocol: the Identity Provider (Idp) and the Service Provider (SP). Initially, a trust relationship is established between both the Idp and the SP. In a typical SAML flow, the user attempts to access a resource at the SP, which triggers a browser redirect to the Idp. At the Idp, the user authenticates by entering their credentials, which triggers the Idp to send a SAML authentication token to the SP. At this point, the SP verifies the authentication token based on the established trust relationship and grants the user access.