Single Sign-On Overview
Single Sign-On (SSO) enables your customers to register or to log in one time and then effortlessly navigate across your multiple websites without having to log in again. SSO is also available for Social Login.
By default, Single Sign-On authenticates all users who visit a member site and have an active SSO session open. Using segments, you can implement a more fine-grained SSO experience on your sites. If no segment setting is present, all users with an SSO session are automatically signed in to all customer sites.
For example, a large music brand can segment by artist and associated online stores. This lets a user log into a band’s site and SSO automatically signs the user into an online store in the same segment, but not into another artist’s site.
Multiple segments may be supported on a site. For example, a holding company with many brands may segment SSO by each brand and also allow users who have logged in on any brand’s site to be automatically logged in on the primary holding company site.
Segment settings are stored locally, and end users may manipulate their segment identifiers, so this feature should not be used for site security or restricting access.
Site Protocol Support
- If your sign-in page is served over HTTP, SSO can work between either HTTP or HTTPS pages.
- If your sign-in page is served over HTTPS, SSO can work only between HTTPS pages.
- We recommend that you serve all pages over SSL to enhance security for site users.