Single-sign on (SSO) and federated identity

Enterprise single sign-on (SSO) technologies can help reduce help-desk calls and user mistakes by consolidating credentials into one single password for all applications and services. Read the news and technical advice here to find deployment strategies and practical advice for SSO and federated identity.

New & Notable

Download this free guide

Your Guide to Info Sec Certifications

We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Single-sign on (SSO) and federated identity News

February 27, 2018 27 Feb'18
New SAML vulnerability enables abuse of single sign-on

Duo Security discovered a new SAML flaw affecting several single sign-on vendors that allows attackers to fool SSO systems and log in as other users without their passwords.
July 12, 2017 12 Jul'17
Q&A: Ping CEO on contextual authentication, intelligent identity

Ping Identity CEO Andre Durand talks with SearchSecurity about the data-driven move toward contextual authentication and intelligent identity and what this means for enterprises.
June 02, 2017 02 Jun'17
Users' SSO information at risk after OneLogin security breach

News roundup: OneLogin security breach puts SSO data at risk but is vague about the details. Plus, Gmail boosts its phishing detection features, and more.
January 12, 2016 12 Jan'16
OAuth vulnerabilities must be fixed in the standard

Researchers in Germany have found two OAuth vulnerabilities, which could allow attackers to break the authorization and authentication standard. And an expert said the fix must be made to the standard itself.

View All News

Single-sign on (SSO) and federated identity Get Started

Bring yourself up to speed with our introductory content

federated identity management

Federated identity management (FIM) is an arrangement that can be made between multiple enterprises to let subscribers use the same identification data to obtain access to the networks of all the enterprises in the group. Continue Reading
Single sign-on best practices: How can enterprises get SSO right?

Proper planning is at the top of the list for single sign-on best practices, but it's important to get enterprise SSO implementations off to a good start. Here's how to do it. Continue Reading
SAML (Security Assertion Markup Language)

The Security Assertion Markup Language (SAML) is an open standard for sharing security information about identity, authentication and authorization across different systems. Continue Reading

View All Get Started

Evaluate Single-sign on (SSO) and federated identity Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

Top 5 EMM implementation considerations

The wrong move can make or break your enterprise mobility management implementation. Broad device support, automated enrollment and single sign-on are must-have features. Continue Reading
Enterprise identity management tools keep cloud hackers at bay

Bringing new application types and integration points into the enterprise, cloud can complicate user identity management. So, how can you be sure your data is secure? Continue Reading
How to get started with IAM services in the cloud

Security is critical in the cloud, so it isn't surprising that identity and access management services are in high demand. Learn why you need IAM, and what services to consider. Continue Reading

View All Evaluate

Manage Single-sign on (SSO) and federated identity

Learn to apply best practices and optimize your operations.

OneLogin security chief delivers new security model

How did cloud identity and access management vendor OneLogin rebuild its security after a breach? We ask OneLogin security chief Justin Calmus. Continue Reading
10 unified access management questions for OneLogin CSO Justin Calmus

Enterprise security veteran Justin Calmus, who describes himself as an avid hacker, joined OneLogin as the CSO earlier this year. After last year's breach, who would want this job? Continue Reading
How does a SAML vulnerability affect single sign-on systems?

Researchers at Duo Security discovered a SAML vulnerability that enabled attackers to dupe single sign-on systems. Expert Michael Cobb explains how the exploit works. Continue Reading

View All Manage

Problem Solve Single-sign on (SSO) and federated identity Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Insecure OAuth implementations: How are mobile app users at risk?

Mobile apps using insecure OAuth could lead to over one billion user accounts being attacked. Expert Michael Cobb explains how developers can implement OAuth securely. Continue Reading
How to mitigate Atlassian Crowd's SSO vulnerability

Network security expert Brad Casey advises how to mitigate the vulnerability in SSO product Atlassian Crowd until an upgrade can be performed. Continue Reading
Types of SSO: Comparing two vendors' approaches to single sign-on

Expert Randall Gamby discusses various types of single sign-on, specifically the approaches of Ping Identity's SSO and Symplified SSO. Continue Reading

View All Problem Solve