{"id":7268,"date":"2021-11-05T09:00:30","date_gmt":"2021-11-05T13:00:30","guid":{"rendered":"https:\/\/www.jumpcloud.com\/blog\/?p=7268"},"modified":"2024-02-08T11:37:16","modified_gmt":"2024-02-08T16:37:16","slug":"what-is-true-sso","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/what-is-true-sso","title":{"rendered":"What is True Single Sign-On (SSO)?"},"content":{"rendered":"\n

We\u2019ve gotten so used to using the term single sign-on (SSO)<\/a> that we don\u2019t even realize the definition doesn\u2019t make sense anymore. Today most people think of single sign-on as the way to sign in once using one set of credentials to access web applications. But since that definition of SSO only covers web applications, shouldn\u2019t we be calling it \u201cweb application SSO\u201d?<\/p>\n\n\n\n

In theory, single sign-on should describe exactly what the name implies \u2014 the ability to leverage a single set of credentials to sign on to all resources needed. That being said, even web app SSO is not really single<\/em> sign-on, as it doesn\u2019t facilitate identity federation<\/a> to all of the other resources people use to get work done. <\/p>\n\n\n\n

In a modern IT environment, users need to sign into resources such as cross-OS devices, WiFi networks, VPNs, physical and virtual file servers, legacy apps, web apps, and more. So, even though web app SSO provides a simple way to access web applications, with only a web app SSO point solution in place, users still have to sign in separately to access all of these other resources. From the user\u2019s perspective, this version of \u201csingle sign-on\u201d is actually single sign-on to each silo<\/em>.<\/p>\n\n\n\n

This is where the term True Single Sign-On\u2122 comes into play \u2014 True SSO\u2122 is the means to allow users to securely and efficiently access virtually all of their IT resources, including the ones listed above, with a single, secure set of credentials. JumpCloud offers True SSO solutions<\/a> among many other features across the JumpCloud Directory Platform which enable remote and traditional work while solving a multitude of identity and access management (IAM) problems that IT teams and organizations face.<\/p>\n\n\n\n

Why Web App SSO Isn\u2019t Enough<\/h3>\n\n\n\n

Even with web app SSO in the mix, it has been a hassle for IT to keep track of all the different identities a single user might have in order to access all of their resources, which means that onboarding that user, keeping them activated and productive while they work, and then (eventually) deprovisioning that user should they leave temporarily or permanently from all of those resources is a nightmare. <\/p>\n\n\n\n

For the IT admin, True SSO from the cloud means a central place to manage a single identity for each person that is then federated to each resource they need from the core identity provider (IdP) promoting security, productivity, and tighter control over identities. For the user, it means fewer passwords to remember and easier access to their devices, networks, apps, and other frequently used resources, resulting in higher productivity. <\/p>\n\n\n\n

Today, a complex cloud-forward environment demands a modern and complete cloud SSO solution. Providing true single sign-on services to an organization\u2019s users is a core part of what IT admins are charged with, so it\u2019s important to understand why SSO often revolves around web apps, how it\u2019s changing to meet modern needs, and how to implement a complete single sign-on solution.<\/p>\n\n\n

\n
\"Active<\/figure><\/div>\n\n\n

The Creation of Web Application SSO<\/h2>\n\n\n\n

The reality is that when single sign-on first entered the market over a decade ago, it was possible to use it in a way that allowed you to access all of the resources you needed. This was all at a time when just about everything was on-prem: users had to be physically present at their desks, systems were hardwired into private networks, applications were primarily Windows-based and came in a box with installation disks. You had Microsoft Active Directory<\/a> (AD) and a domain controller to authenticate and authorize access to everything on-premise, which was largely Windows-based devices and applications. <\/p>\n\n\n\n

Then, as cloud apps emerged and increased in popularity, web application SSO providers<\/a> also surfaced, marketing a product that was meant to be an add-on solution to AD. The idea was that by extending AD, users could then leverage one set of credentials to gain access to on-prem resources and web applications, admins could retain control over user access and management beyond what was possible with AD alone \u2014 and everybody wins. It seemed like SSO and AD were a perfect match. So when it began, true SSO was a reality, albeit a multi-tool solution in a simplistic environment. <\/p>\n\n\n

\n
\"true<\/figure><\/div>\n\n\n

How Modern SSO Has Evolved<\/h2>\n\n\n\n

However, nothing is constant in the IT world, and before long, this seemingly perfect relationship between AD and SSO<\/a> began to break down. Over the next decade, IT infrastructure exploded into a complex set of cross-OS devices, applications, network infrastructure pieces, and services. The traditional concept of single sign-on slowly became SSO access to one fraction of resources within the IT environment, and then became synonymous with web application access. Your devices, on-premise applications, networks, and other resources were, and continue to be, excluded from this version of SSO. <\/p>\n\n\n\n

This meant that Active Directory, which was and has always been designed for managing on-prem Windows resources, wasn\u2019t as effective. As a result, the SSO solutions that were built on top of AD suffered the same fate \u2014 they became obsolete for many organizations that needed a more comprehensive approach to SSO and identity access management. <\/p>\n\n\n\n

These monumental changes in the IAM space created a significant opportunity in the realm of single sign-on. A need for more comprehensive IAM and SSO<\/a> emerged, and the solution was created in the form of a cloud-based directory platform<\/a>. JumpCloud has revolutionized how people think about single sign-on with the JumpCloud Directory Platform that provides a true central identity for users to connect to virtually any IT resource they need to be productive and efficient, including cross-OS devices, legacy and cloud applications, networks, servers, and more, regardless of provider, platform, protocol, or location.<\/p>\n\n\n\n\n

\n
\n \"JumpCloud\"\n <\/div>\n
\n

\n <\/p>\n

\n JumpCloud\u2019s Identity and Access Management Solution With SSO <\/p>\n <\/div>\n

\n Get Started<\/a>\n <\/div>\n<\/div>\n\n\n\n\n

Why True Single Sign-On Is an Important Achievement<\/h2>\n\n\n\n

In response to all of the changes that have happened in IT over the last decade or so, SSO providers are experiencing an identity crisis<\/a>. Users still want one set of credentials for access, but for all of their IT resources. Web app SSO alone won\u2019t do \u2014 instead, admins want the ability to flip a switch to authorize access for everything. Unfortunately, traditional web app SSO providers cannot handle this request. <\/p>\n\n\n\n

What\u2019s more, the entire market is shifting toward True SSO solutions that are part of bigger, modern IAM platforms. This can be seen through recent acquisitions<\/a> that highlight a common theme \u2014 the market is moving away from web app point solutions to holistic solutions that allow admins to control and facilitate access to virtually all IT resources.<\/p>\n\n\n\n

True Single Sign-On is the holy grail for IT organizations. It simplifies an end user\u2019s life and allows them to be more productive. The end user spends far less time worrying about how to access IT resources and more on just using whatever tools they need to do their job. <\/p>\n\n\n\n

For IT admins, the concept of True SSO is massively beneficial too. It centralizes control, increases security, and reduces support time. The only reason IT organizations haven\u2019t pursued it is because for a long time, they thought that it was impossible (mainly due to the heterogeneous nature of IT<\/a> today). There are just so many different platforms and protocols that need to be supported, how could one identity management platform do it all?<\/p>\n\n\n\n

This is all possible through a modern cloud IAM and SSO solution that integrates with devices, on-prem and cloud applications, networks, servers, and more. A solution like this includes the following capabilities:<\/p>\n\n\n\n