What is SSO (Single Sign-On)?

Turkish: SSO

SSO is a centralized sign-in model that lets users access multiple applications securely after one authentication session.

What is SSO?

SSO (Single Sign-On) lets a user authenticate once with an identity provider and then access multiple applications without entering a password again. A company portal, CRM, HR system, and support panel can all rely on the same identity provider.

In a typical flow, the user opens an application, the application redirects the user to the identity provider, the provider authenticates the user, and a signed token or assertion is returned. The application verifies that response and creates its own session. OAuth2 with OpenID Connect is common for web apps, while SAML remains common in enterprise environments.

Business Importance

SSO simplifies the employee experience, but the larger value is access control. When an employee leaves, disabling the central account can remove access to all connected applications. MFA, device policies, group-based permissions, and audit logs can also be managed from one place.

Poorly designed SSO can become a single point of failure or a high-impact compromise point. Backup administrator access, session duration, token signing keys, app-level authorization, and identity provider outage plans should be defined before rollout.