An Identity Provider (IdP) authenticates and verifies users' identities, granting access to services. It manages credentials and issues authentication tokens. This enables secure single sign-on (SSO) across multiple applications.
Service Providers (SPs) are the individual applications that rely on SSO for user login, such as your work email, project management tool, and CRM; in the building analogy they are the offices inside the secure building.
An intermediary component facilitates communication between the IdP and the SPs, securely transmitting authentication tokens between them, much like a secure hallway connecting the entrance to the various offices.
Standards like SAML, OAuth, and OpenID Connect enable secure communication between the IdP and SP, ensuring safe user authentication and access control across platforms.
A centralized database (e.g., LDAP or Active Directory) stores user identities, roles, and permissions, providing a single point of management for access control. It ensures consistent authentication and authorization across systems and simplifies user administration.
Secure tokens (like JWT or SAML assertions) issued by the IdP verify a user's identity when accessing SPs, ensuring secure, token-based authentication. These tokens are digitally signed to prevent tampering and contain user information that helps grant appropriate access permissions.
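The IdP-issues, SP-verifies flow described above, as an added example that is not part of the original page. It builds and checks an HS256-signed JWT with only the Python standard library; the shared secret, claim values and the `modify_claims_without_resigning` helper are constructed for the demonstration (a real IdP would normally sign with an asymmetric key so SPs hold only the public key).

```python
import base64, hashlib, hmac, json, time

# Constructed demo secret shared by IdP and SP; stands in for the IdP's signing key.
IDP_SECRET = b"constructed-demo-secret-not-for-production"

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def issue_token(claims: dict, secret: bytes = IDP_SECRET) -> str:
    """IdP side: sign the header and claims with HMAC-SHA256 (JWT 'HS256')."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = _b64url(json.dumps(header).encode()) + "." + _b64url(json.dumps(claims).encode())
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)

def verify_token(token: str, expected_aud: str, secret: bytes = IDP_SECRET, now=None):
    """SP side: return the claims only if algorithm, signature, audience and expiry all check out."""
    try:
        h_b64, p_b64, s_b64 = token.split(".")
        header = json.loads(_b64url_decode(h_b64))
        sig = _b64url_decode(s_b64)
    except ValueError:            # wrong shape, bad base64 or bad JSON
        return None
    if header.get("alg") != "HS256":   # pin the algorithm; never trust 'alg' from the token alone
        return None
    expected = hmac.new(secret, (h_b64 + "." + p_b64).encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):   # constant-time comparison
        return None
    claims = json.loads(_b64url_decode(p_b64))
    now = time.time() if now is None else now
    if claims.get("aud") != expected_aud or claims.get("exp", 0) <= now:
        return None                # token meant for another SP, or expired
    return claims

def modify_claims_without_resigning(token: str) -> str:
    """Constructed tampering case: edit the payload but keep the old signature; verification must fail."""
    h_b64, p_b64, s_b64 = token.split(".")
    claims = json.loads(_b64url_decode(p_b64))
    claims["role"] = "admin"
    return h_b64 + "." + _b64url(json.dumps(claims).encode()) + "." + s_b64

if __name__ == "__main__":
    tok = issue_token({"sub": "alice", "aud": "crm", "role": "user", "exp": int(time.time()) + 300})
    print("valid:", verify_token(tok, "crm") is not None)
    print("tampered accepted:", verify_token(modify_claims_without_resigning(tok), "crm") is not None)
```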
Single logout (SLO) is a mechanism that allows users to log out from all connected applications simultaneously, enhancing security and convenience by ensuring sessions are terminated across all services to prevent unauthorized access.