SSO
Single Sign-On
An authentication mechanism that allows a user to log in once and gain access to multiple applications without repeatedly entering a password.
What is SSO?
SSO (Single Sign-On) is an authentication mechanism that allows a user to enter their credentials only once and then have access to the entire suite of company applications without repeated logins. SSO in corporate practice is typically implemented via an identity provider (IdP) — for example Microsoft Entra ID (formerly Azure AD), Okta, Google Workspace, or Keycloak for open-source.
The most widely used SSO protocols:
- SAML 2.0 — older, still dominant in enterprise B2B
- OpenID Connect (OIDC) — modern, based on OAuth 2.0, used in modern SaaS
- OAuth 2.0 — strictly for authorisation, often combined with OIDC
Benefits of SSO:
- User experience — an employee logs in once in the morning and has access everywhere
- Security — centralised control, simpler offboarding (disabling the account in the IdP cuts access across all applications)
- Audit — all logins are logged in one place
- MFA — multi-factor authentication is enforced centrally
When it is used
SSO is today a de facto requirement in every medium and larger company:
- When deploying more than 5 SaaS applications
- Under regulatory obligation (ISO 27001, SOC 2)
- In enterprises and public sector organisations
See the Security page and the API page.
Related terms
- RBAC — SSO controls identity; RBAC determines permissions. See /en/glossary/rbac.
- ReBAC — more advanced permissions combined with SSO. See /en/glossary/rebac.
- ISO 27001 — SSO is a standard security control. See /en/glossary/iso-27001.
In Modulario
Modulario supports SSO via SAML 2.0 and OpenID Connect — integration with Microsoft Entra ID, Google Workspace, and Okta is out of the box. When a new employee is onboarded, IT simply assigns them to a group in the IdP and Modulario sees them automatically. Details at /en/security.
When onboarding a new employee, it is sufficient to add the user in Microsoft Entra ID to the “Modulario Users” group — the system automatically sees them, assigns them a default role, and sends a welcome email. During offboarding, IT disables the account in the IdP and access to Modulario is automatically cut within 5 minutes — critical for GDPR compliance and data security obligations.
Related terms
RBAC
An authorisation model in which permissions are assigned through roles rather than to individual users — simpler management and auditability.
ReBAC
An authorisation model based on relationships between objects — access is derived from which teams and projects a user belongs to.
ISO/IEC 27001
The international standard for an Information Security Management System (ISMS) — certification that demonstrates an organisation's maturity in IT security.
GDPR
The EU regulation on personal data protection in force since 25 May 2018 — defines the rights of data subjects and the obligations of controllers.
API
An interface through which different software systems communicate — in B2B SaaS typically a REST API or GraphQL over HTTPS.
Related Modulario modules
Implementing SSO in your company?
Modulario covers most B2B processes modularly — deploy only what you need now and grow gradually. Book a free consultation.
Book a consultation