How does Single Sign-on work? That’s the real question here. We hear about it constantly – especially as we begin spending more time online. The digital environment of today is saturated with information, so much so that answering a simple question like ‘how does Single Sign-on work’ can be a huge hassle. Honestly, it doesn’t have to be. Single Sign-on doesn’t have to be complicated, or shrouded in mystery. It does, however, need to remain an important consideration in the modern digital schema.
Take your eyes off of Google for a second, and click away from Wikipedia. Today, I am going to show you a world where Single Sign-on is a simple, easy, and welcome reprieve from the constant agitation and frustration of having to login so many different times in one sitting. You ask me, how does Single Sign-on Work? My answer is simple: Single Sign-on is the way the future should look.
Here it is.
How Does Single Sign-on Work?
Part I: Establishing Identity – Proving that you Belong
The way the sun reflects off the surfaces of those distant, marble towers is somewhat hypnotic. From the main gate, the city proper is still a mile or so away, yet the buildings stretch so far into the sky, it seems like they will never end. There are so many to choose from, it’s almost easy to get lost in the immense number of options – but with just a simple choice, there is no telling where you might end up!
The gatekeeper acknowledges me with a curt nod towards an open terminal. He doesn’t speak much – there is no need. Any who would access the wonders of the city are required to register as one of the populace. It’s an antiquated system, but one that serves as the foundation for the convenience and simple life that the city promises its citizenry.
First the terminal requires my name, date of birth and a series of biometric readings – retinal scans, finger printing, brainwave pattern – the typical registration requirements. A digital assistant is created during registration, tailored to my specific identity. Basking in the reflected warmth of the sun, on the cusp of a new world, the terminal prompts me to input a name for the new AI.
The AI is a small addition to my identity – proof to the vendors and the citizens that I am precisely who I claim. Those who provide a service will check my identity against my digital companion, and I will be none the wiser. A much simpler, elegant solution to my last village. The constant standing in line, lugging around proof after proof of who I am, creating and forgetting security phrases (passwords went out of style long ago when a single word wasn’t enough) – it was enough to make any sane person seek out the greatest advancements of the era.
The City holds the key.
Not-too-distant memories flutter in the recesses of my mind and I do not hesitate. I key in the name for my AI and the gatekeeper holds out a metallic band, embossed with the city emblem – a faint projection screen is visible, even in the glare of the sun.
‘Hello, Baldur.’ I say aloud, as I fit my personal identification terminal to my wrist. A curt series of beeps and tonal tests responds as the interface matches my established identity to who I am. The overwhelming amount of choices that loomed over me upon reaching the city gate disappeared in that instant. With Baldur there to prove that I belong, I have nothing else to fear.
The gatekeeper steps back as the series of metallic bars in front of me roar to life, mechanized to permit my entrance – the city stands wide open before me, and there is nothing to hold me back.
SSO – A Story in and of Itself
Single sign-on is a story in its own right. Every time we login to a service or one of our many accounts we are each writing another line in the tale of our digital life, and every SAML, CAS or even forms-based action is a plot line of its own – complete with twists and turns. Like every story, however, the important part is how you approach the central conflict.
For those of us still asking, ‘How does single sign-on work,’ establishing identity doesn’t have to be a confusing first step in the progress. Like our hopeful citizen of a future world – it is a necessary evil when we attempt to blend security and usability in a seamless combination. Sure – you can continue to login to every service that you need: your bank, your social media accounts, your business server, etc. with a different username and password for each – but who has the time or the patience? To answer the question, ‘How does single sign-on work?’ is simple: it starts with identity.
Next time, I will be providing a creative overview of the next basic step in answering the question ‘how does single sign-on work”: Leveraging a single identity against multiple accounts and services. Stay tuned and let me know if you have your own take on the question at hand, how does single sign on work?
If you like my creative spin, let me know in the comments below! If you like it, I’ll write it!