Centralized user authentication
The increased use of cloud computing, mobile applications and social media, together with increased security requirements, is creating an ever greater need for single sign-on solutions. Multiple identities and passwords are still the most widespread method of user authentication, and they increasingly create security risks and generate costs in companies.
The risks associated with the use of passwords lead both to direct financial losses from the theft of confidential information, for example through hacker attacks and cybercrime, and to reduced efficiency in the work of frontline employees and IT service providers.
Single Sign On – The login process
1. The user calls up an application or website.
2. The service provider (of the application or website) sends a token to the identity service to authenticate the user.
3. The identity service checks whether the user has already authenticated.
   a. If yes, proceed to step 4.
   b. If no, the user is prompted to enter their credentials (username, password, etc.).
4. The identity provider validates the credentials and sends a token to the service provider via the browser to confirm authentication.
5. The service provider validates the token using a certificate (the certificate must be configured once initially).
6. If the token is validated successfully, the user is granted access to the application or website.
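
The token exchange in steps 2, 4, 5 and 6 as a runnable sketch, added here as an example and not taken from the original page or from any product. It assumes an Ed25519 public key in place of the configured certificate; the token layout, field names, service provider URL and 300-second lifetime are also assumptions.

```javascript
// Added example: token layout, names and URL are assumptions, not from the page.
const crypto = require('node:crypto');

// Constructed identity-provider key pair. The service provider only ever uses the
// public half, which stands in for the certificate configured once (step 5).
const idp = crypto.generateKeyPairSync('ed25519');
const SP_ID = 'https://app.example.test'; // hypothetical service provider
const pending = new Set();                // request ids the SP is still waiting on

// Step 2: the service provider creates an authentication request token.
function spCreateRequest() {
  const id = crypto.randomUUID();
  pending.add(id);
  return { id, issuer: SP_ID };
}

// Step 4: the identity provider signs a response bound to that request.
function idpIssue(request, user, now) {
  const body = Buffer.from(JSON.stringify({
    sub: user, aud: request.issuer, inResponseTo: request.id, exp: now + 300,
  }));
  const sig = crypto.sign(null, body, idp.privateKey);
  return body.toString('base64url') + '.' + sig.toString('base64url');
}

// Steps 5 and 6: verify against the pinned key first, then check audience,
// expiry and that the response answers a request this SP actually sent.
function spValidate(token, pinnedKey, now) {
  const [b64Body, b64Sig] = token.split('.');
  if (!b64Body || !b64Sig) return { ok: false, reason: 'malformed' };
  const body = Buffer.from(b64Body, 'base64url');
  if (!crypto.verify(null, body, pinnedKey, Buffer.from(b64Sig, 'base64url')))
    return { ok: false, reason: 'bad signature' };
  const claims = JSON.parse(body.toString('utf8')); // parsed only after verification
  if (claims.aud !== SP_ID) return { ok: false, reason: 'wrong audience' };
  if (claims.exp <= now) return { ok: false, reason: 'expired' };
  if (!pending.delete(claims.inResponseTo))
    return { ok: false, reason: 'unsolicited or replayed' };
  return { ok: true, user: claims.sub };
}
```

Because the token travels through the browser, the signature check alone is not enough: the audience, expiry and one-time request binding are what reject a token issued for another service or presented a second time.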