SAML Single Sign-On (SSO)

Written by Rajat Bhargava on March 10, 2016

Share This Article

Single Sign-On (SSO) is the holy grail of identity management, providing a single set of credentials that users need to access every IT resource, from systems and applications to networks. At JumpCloud, we refer to this as True SSO™.

Historically, SAML Single Sign-On has been integral in building successful web applications. SAML (Security Assertion Markup Language) is the XML-based standard to support web application authentication. The industry standard was created in the early 2000s, then saw mass adoption a decade later when web applications started to accelerate. The goal of SAML was simple: enable a more secure and simple mechanism to authenticate with web applications. Instead of users logging into each web application with a separate set of credentials, web applications could ask for assertion from a directory service, or identity provider, to confirm that the person logging in was who they said they are.

SAML SSO Is One Piece of the Identity Services Puzzle

SAML, created years ahead of its time, has become an important part of a True SSO solution, which is the core of today’s Directory-as-a-Service® (DaaS) platform.

In recent years, SAML Single Sign-On solutions have proliferated as the web application market exploded. The web SSO solutions assumed that organizations would have on-premises directories with which they integrated. Credentials were federated with the SAML SSO solution from the on-premise directory. Users would then leverage their SAML SSO solution to log in to web applications. There was trouble with this approach, however, since it required IT to have multiple, non-holistic solutions. On-premise applications that leveraged LDAP-based authentication were outside of the SAML Single Sign-On solution. So was WiFi authentication. Due to its limitations, web application SSO was not the ultimate SSO; rather, web app SSO was (and still is) one piece of the larger Identity-as-a-Service puzzle.

Directory-as-a-Service Offers True Single Sign-On

Nowadays, a new generation of SAML SSO solution, one that integrates with directory services, has emerged. Case in point: JumpCloud’s Directory-as-a-Service platform includes the ability to access web applications via SAML SSO. Additionally, JumpCloud functions as a True SSO solution, because it’s a cloud-based directory service that not only provides SAML SSO but also offers multi-protocol support. In fact, Windows, Mac, and Linux machines are authenticated from the cloud-based directory. In addition, the identity provider platform includes LDAP support, RADIUS support, and REST APIs, among other authentication methods. Similar to SAML at its inception, JumpCloud’s goal is not only advancing today’s identity services but also solving the problem of disparencies, by connecting users with the robust list of IT resources they need,  including devices, systems, applications (cloud and on-premise), and networks.

Ready to learn more about how you can leverage a SAML Single Sign-On solution for more than web applications? Take a look at JumpCloud’s Directory-as-a-Service and our DaaS glossary to learn more. Drop us a note if you have any questions. We’d be happy to discuss with you our approach to SAML SSO and beyond. Or sign up for a free account, and try JumpCloud for yourself. Your first 10 users are free forever.

Continue Learning with our Newsletter