Technical definition of SSO
Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property, a user logs in once and gains access to all systems without being prompted to log in again at each of them. (From Wikipedia)
Technical example of use
SAML 2.0 attributes required by Sketch Engine
To assign a SSO authenticated request to an organisation licence and a user profile in Sketch Engine, the following SAML 2.0 attributes should be released by the identity provider:
- eduPersonScopedAffiliation (urn:oid:220.127.116.11.4.1.5918.104.22.168.9) or eduPersonPrincipalName (urn:oid:22.214.171.124.4.1.59126.96.36.199.6) – mandatory,
- eduPersonTargetedID (urn:oid:188.8.131.52.4.1.59184.108.40.206.10) or eduPersonPrincipalName (urn:oid:220.127.116.11.4.1.5918.104.22.168.6) – mandatory,
- email (urn:oid:0.9.2342.19200300.100.1.3) – optional (enables responding to user’s support requests, the user will be asked to supply this information if not released by the identity provider),
- displayName (urn:oid:2.16.840.1.113722.214.171.124) – optional (enables person identification within the organisation, the user will be asked to supply this information if not released by the identity provider).
To find if your institution meets the requirements, SAML2 attributes released by an identity provider can be checked in the Attribute Viewer.
An institution can be checked in the eduGAIN Entities Database for membership and SAML 2.0 support.