Skip to content
E
ERPResearch

What is SSO (Single Sign-On)?

Single sign-on lets users access multiple applications, including HR and ERP systems, with one set of login credentials.

Definition

Single sign-on (SSO) is an authentication method that allows users to log in once and gain access to multiple connected applications without re-entering credentials for each one. It relies on a trusted identity provider that authenticates the user and passes verified identity to each application, commonly using standards such as SAML or OpenID Connect. SSO improves security by centralising authentication, enabling stronger controls like multi-factor authentication, and reducing password fatigue and risky reuse. For HR and ERP systems, it streamlines access for large workforces and simplifies provisioning and deprovisioning as employees join, move, or leave. It also strengthens compliance by centralising access governance and audit.

How SSO Works in ERP

In an ERP or HCM context, SSO connects the HR system and related applications to a central identity provider so employees use one secure login across self-service, payroll, and other modules. When core HR records a termination, deprovisioning through the identity provider can revoke access automatically, reducing security risk. This tight link between HR lifecycle events and identity management keeps access aligned with employment status.

ERP Vendors with Strong SSO

Frequently Asked Questions

How does single sign-on improve security for HR systems?

SSO centralises authentication with a single identity provider, allowing organisations to enforce strong controls such as multi-factor authentication and consistent password policies. It reduces the number of passwords users manage, cutting reuse and phishing risk. It also makes provisioning and, critically, deprovisioning access faster when employees leave, since access can be revoked centrally.

What standards enable single sign-on?

Common SSO standards include SAML (Security Assertion Markup Language) and OpenID Connect, which let an identity provider securely pass verified user identity to applications. These protocols allow HR, ERP, and other systems to trust a central authentication source. The standard used depends on the applications and identity provider involved.

Related Terms