Single Sign-On Overview

Important. The content on this page deals with single sign-on (SSO) using the JavaScript SDK. Due to changes in web browser technology, including the fact that most browsers prohibit the use of third-party cookies, SSO using the JavaScript SDK is no longer available to new Identity Cloud customers. (However, we will continue to support existing customers who use this methodology.) If single sign-on is important to you we recommend that you use Hosted Login for your login and registration needs. See our Getting Started Guide to learn more about how single sign-on is implemented in Hosted Login.

Single Sign-On (SSO) functionality enables your customers to register or log in once and effortlessly navigate across your multiple websites without needing to log in again. SSO is also available for Social Login.

SSO Segments

By default, Single Sign-On authenticates all users who visit a member site and have an active SSO session open. Using segments, you can implement a more fine-grained SSO experience on your sites. If no segment setting is present, all users with an SSO session are automatically signed in to all customer sites.

For example, a large music brand can segment by artist and associated online stores. This lets a user log into a band’s site and SSO automatically signs the user into an online store in the same segment, but not into another artist’s site.

Multiple segments may be supported on a site. For example, a holding company with many brands may segment SSO by each brand and also allow users who have logged in on any brand’s site to be automatically logged in on the primary holding company site.

Segment settings are stored locally, and end users may manipulate their segment identifiers, so this feature should not be used for site security or restricting access.

Site Protocol Support

  • If your sign-in page is served over HTTP, SSO can work between either HTTP or HTTPS pages.
  • If your sign-in page is served over HTTPS, SSO can work only between HTTPS pages.
  • We recommend that you serve all pages over SSL to enhance security for site users.