Single Sign-On – Example

Google (IdP – Identity Provider) and Gmail (SP – Service Provider) will be used as examples:

The principal steps of an SSO process are:

1. The user requests access to an SP (Gmail)
2. The SP (Gmail) redirects the user to the IdP (Google)
3. The IdP (Google) prompts the user to enter their credentials
4. The IdP (Google) verifies the user’s identity and generates an access token
5. The IdP (Google) sends the access token to the user’s browser or app
6. The user’s browser or app redirects the access token to the SP (Gmail)
7. The SP (Gmail) validates the access token and grants the user access