@milan_milanovic: How does Single Sign-On (SSO) ...
@milan_milanovic
Dec 19, 2023
1
How does Single Sign-On (SSO) work?
Single sign-on (SSO) is an authentication process that allows a user to access multiple applications with a single login. This is accomplished using a central authentication server that stores the user's credentials and verifies them for each application.
Here are the steps that happen if you want to access Trello by using your Google account:
1. Use the Trello login web page and select Google account as a login method
2. Trello redirects the user to the Google login page
3. User is served with the Google login page
4. The user enters their Google credentials
5. Trello forwards credentials to Google
6. Google sends authentication info to the SSO Authorization server
7. If credentials are valid, the Authorization server returns the auth token (SAML)
8. Google sends the auth token to Trello
9. In the last step, Trello sends the token to the Google Authorization server to validate it
10. If the token is valid, Trello will allow access to the user and store the session for future interactions
The benefits of SSO are:
🔹 Improved user experience: Users do not need to remember multiple usernames and passwords.
🔹 Increased security: Users are less likely to reuse passwords across applications.
The disadvantages are:
🔸 Single point of failure: One of the most notable disadvantages is that SSO creates a single point of failure. The attacker could access all connected applications and services if the SSO system is compromised.
🔸 Security risks: If credentials are compromised, the security of all connected applications could be at risk.
Some common types of SSO are:
🔹 SAML-based SSO: This is the most common type of SSO. It uses the SAML protocol to exchange authentication information between the SSO server and applications.
🔹 OAuth 2.0: It provides delegated access to server resources on behalf of a resource owner. It specifies how tokens are transferred, allowing a user's identity to be authenticated by an IDP and the credentials to be used to access APIs.
🔹 OpenID Connect: This is a newer type of SSO based on OAuth 2.0. It is a more straightforward protocol than SAML and is easier to integrate with web applications.
Some popular SSO solutions are:
🔹 Azure Active Directory
🔹 Okta
🔹 Ping Identity
🔹 OneLogin
🔹 Google Cloud Identity Platform
#programming #web
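Steps 9 and 10 above come down to the application validating the token before it stores a session. The sketch below is an added example, not code from the original post: it uses an OpenID Connect style signed token and shows the checks (signature, issuer, audience, expiry, nonce) an application makes. It assumes an HMAC-SHA256 shared key as an offline stand-in for the asymmetric signatures real identity providers use, and the issuer, client ID and key are constructed placeholders.

```python
import base64
import hashlib
import hmac
import json

# Constructed values for this example; not real Google or Trello settings.
IDP_ISSUER = "https://idp.example"
CLIENT_ID = "app-client-id-placeholder"
DEMO_KEY = b"constructed-demo-key"

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str, key: bytes) -> bytes:
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def issue_token(claims: dict, key: bytes = DEMO_KEY, alg: str = "HS256") -> str:
    """Identity-provider side: serialize and sign the claims."""
    head = b64url(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    signing_input = f"{head}.{body}"
    return f"{signing_input}.{b64url(sign(signing_input, key))}"

def validate_token(token: str, now: int, nonce: str, key: bytes = DEMO_KEY) -> dict:
    """Application side: every check must pass before a session is created."""
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64url_decode(head))
        claims = json.loads(b64url_decode(body))
        signature = b64url_decode(sig)
    except ValueError as exc:  # wrong part count, bad base64, bad JSON
        raise ValueError("malformed token") from exc
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise ValueError("malformed token")
    if header.get("alg") != "HS256":  # pin the algorithm; never follow the header
        raise ValueError("unexpected algorithm")
    if not hmac.compare_digest(signature, sign(f"{head}.{body}", key)):
        raise ValueError("bad signature")
    if claims.get("iss") != IDP_ISSUER:
        raise ValueError("unexpected issuer")
    if claims.get("aud") != CLIENT_ID:  # token minted for a different application
        raise ValueError("wrong audience")
    if not isinstance(claims.get("exp"), int) or now >= claims["exp"]:
        raise ValueError("expired")
    if claims.get("nonce") != nonce:  # not bound to this login attempt
        raise ValueError("nonce mismatch")
    return claims
```

The audience and nonce checks are what stop a token issued for one connected application, or captured from an earlier login, from being accepted by another.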
2
To expand your knowledge and personal growth, subscribe to my free weekly newsletter with 20,000+ people: https://t.co/MMCXxQQR4F.
