About SAML Single Sign-On (SSO)

Eliminate passwords, increase security, improve convenience

Learn all about SAML SSO

What is SAML?

You may have heard of SAML. It stands for Security Assertion Markup Language. SAML is a standard protocol used by web browsers to enable Single Sign-On (SSO) through secure tokens. The great thing about SAML? It completely eliminates the need for passwords. It does so by using standard cryptography and digital signatures to pass a secure sign-in token from an identity provider to an SaaS application.

SAML is an XML-based open standard. It’s the product of the OASIS Security Services Technical Committee. Most common SaaS vendors, such as Salesforce, Google and Microsoft already support SAML. SAML-enabling apps using other vendors can cost hundreds of thousands of dollars a year in fees, but is free as part of the OneLogin community.

Secure, Password-free Login

SAML uses secure tokens which are digitally signed and encrypted messages with authentication and authorization data. For example, a user’s email and company role. It passes these tokens from an identity provider to a cloud application using an established trust relationship. The standards-based nature of SAML delivers interoperability across identity providers and a common way for apps to sign-in users based on trusted information without managing credentials.

How does SAML help?

If you’re an IT administrator, SAML can help you securely get rid of passwords and deploy applications faster. If you’re an app vendor, SAML can help you secure your applications, reduce development costs, and gain wider, faster adoption. For IT, SAML lets you secure user logins and roll out application access faster and more securely.

Phishing Prevention

SAML helps with security by eliminating passwords. If you don’t have a password for an app, you can’t be tricked into entering it on a fake login page.

It also makes for more satisfied users, because it provides streamlined, one-click access from portals or the intranet, deep linking, password elimination, and automatically renewed sessions. One browser redirect is all it takes for a user to securely login to an application.

How does SAML help IT?

SAML simplifies life for IT because it centralizes authentication, provides greater visibility and makes directory integration easier. These are just some of the reasons why enterprises love SAML. And if you’re a B2B cloud vendor, you should support it, too, because businesses love it.

OneLogin and SAML SSO

OneLogin provides single sign-on through SAML for web apps. SAML-based applications work perfectly with OneLogin’s Zero-Config Active Directory Connector, which allows users to sign into applications with their Windows credentials.

In addition, it is easy to SAML-enable internal or custom web apps in as little as a few hours using one of OneLogin’s open source SAML Toolkits.

Of course, it’s always a good idea to add multi-factor authentication (MFA), as well, to protect the one SSO password. MFA adds an additional factor for the log in, so that even if a hacker gains access to the user’s credentials, the criminal won’t have that other factor and so won’t gain access. SSO and MFA together make for a winning team.

Thanks for signing up.

We’ve sent a verification email to

To complete your trial sign up, please check your email and follow instructions to verify. You may need to check your spam. You will be prompted to set up a password and log in. Please note that your user name is your email address.

Get Started in 3 Easy Steps:

Try OneLogin Free for 30 days

All fields are required

  • This field is required.
  • Please enter your first name
  • Please enter your last name
  • Please enter your job title
  • Please enter your phone number
  • Note: Please enter a work email address only as we DO NOT accept web-mail addresses (gmail, yahoo, hotmail, etc.)

    Is that a correct business email address?
  • Please enter company name
  • .onelogin.com
    Please choose another subdomain
  • Please enter number of employees
  • Please enter country
  • Please enter state
  • By completing and submitting this form, I agree to the storing and processing of my personal data by OneLogin as described in our Terms of Service and Privacy Policy.

  • By creating your account, you agree to the Terms of Service and Privacy Policy.

Related Resources:

How does SSO work?

Find out, in plain language, what single sign-on is and how it works, and make better decisions about securing your company’s digital data.

Read More

Checklist for SSO systems

Find out if your SSO solution meets your company’s requirements to support employees and IT with OneLogin’s SSO checklist.

Read More

Why is SSO important?

Learn how single sign-on improves security and usability and saves IT costs.

Read More