SSO

Single Sign-On (SSO) is an authentication technology that allows users to log in once and gain access to multiple related applications and services without re-authenticating. SSO implementations rely on protocols such as SAML 2.0, OpenID Connect (OIDC), and OAuth 2.0. Major identity providers including Okta, Microsoft Entra ID, Google, Ping Identity, Auth0, and Keycloak expose SSO APIs that allow applications to integrate federated authentication, token exchange, assertion validation, and session management.

2 APIs 0 Features

AuthenticationAuthorizationIdentityOAuthOIDCSAMLSecuritySingle Sign-OnSSO

Sources

name: SSO
description: >-
  Single Sign-On (SSO) is an authentication technology that allows users to log in once and gain access to multiple
  related applications and services without re-authenticating. SSO implementations rely on protocols such as SAML 2.0,
  OpenID Connect (OIDC), and OAuth 2.0. Major identity providers including Okta, Microsoft Entra ID, Google, Ping
  Identity, Auth0, and Keycloak expose SSO APIs that allow applications to integrate federated authentication, token
  exchange, assertion validation, and session management.
url: https://github.com/api-evangelist/sso
tags:
  - Authentication
  - Authorization
  - Identity
  - OAuth
  - OIDC
  - SAML
  - Security
  - Single Sign-On
  - SSO
created: '2025-01-01'
modified: '2026-05-19'
apis:
  - aid: sso:saml-authentication
    name: SAML SSO Authentication API
    tags:
      - Authentication
      - Federation
      - Identity
      - SAML
      - Single Sign-On
      - SSO
    baseURL: https://your-idp.example.com
    humanURL: https://www.oasis-open.org/standards#samlv2.0
    description: >-
      The SAML 2.0 Single Sign-On API enables service providers and identity providers to exchange authentication
      assertions via XML-signed messages. It supports HTTP Redirect Binding and HTTP POST Binding for AuthnRequest and
      Response flows, Assertion Consumer Service (ACS) endpoints, Single Logout (SLO), and IdP metadata retrieval as
      defined by the OASIS SAML 2.0 specification.
    properties:
      - url: https://www.oasis-open.org/standards#samlv2.0
        type: Documentation
      - url: https://wiki.oasis-open.org/security/FrontPage
        type: Documentation
      - url: openapi/sso-saml-openapi.yml
        type: OpenAPI
  - aid: sso:oidc-authentication
    name: OpenID Connect (OIDC) Authentication API
    tags:
      - Authentication
      - Identity
      - JWT
      - OAuth
      - OIDC
      - Single Sign-On
      - SSO
    baseURL: https://your-idp.example.com
    humanURL: https://openid.net/connect/
    description: >-
      The OpenID Connect (OIDC) API is a lightweight identity layer built on top of OAuth 2.0. It enables applications
      to verify user identity through the Authorization Code Flow, Implicit Flow, and Hybrid Flow. Key endpoints include
      the Authorization Endpoint, Token Endpoint, UserInfo Endpoint, and JWKS URI for token signature verification. OIDC
      is supported by all major identity providers.
    properties:
      - url: https://openid.net/connect/
        type: Documentation
      - url: https://openid.net/developers/specs/
        type: Specification
      - url: openapi/sso-oidc-openapi.yml
        type: OpenAPI
common:
  - url: https://www.oasis-open.org/standards#samlv2.0
    type: Specification
  - url: https://openid.net/connect/
    type: Specification
  - url: https://oauth.net/2/
    type: Specification
  - url: https://github.com/api-evangelist/sso
    type: GitHubOrg
  - url: json-ld/sso-context.jsonld
    type: JSONLD
  - url: json-schema/sso-saml-assertion-schema.json
    type: JSONSchema
  - url: json-schema/sso-oidc-token-schema.json
    type: JSONSchema
  - url: vocabulary/sso-vocabulary.yml
    type: Vocabulary
  - url: rules/sso-rules.yml
    type: SpectralRules

SSO

APIs

SAML SSO Authentication API

OpenID Connect (OIDC) Authentication API

Semantic Vocabularies

Sso Context

API Governance Rules

SSO API Rules

Resources

Sources