Check out our list of free Single Sign-On (SSO) Software. Products featured on this list are the ones that offer a free trial version. As with most free versions, there are limitations, typically time or features.
If you'd like to see more products and to evaluate additional feature options, compare all Single Sign-On (SSO) Software to ensure you get the right product.
LastPass business solutions help teams & businesses take control of their identity management. LastPass provides simple control and unified visibility across every entry point to your business, with an intuitive access and multifactor authentication experience that works on everything from cloud and mobile apps to legacy on-premise tools. From single sign-on (SSO) and password management to adaptive multifactor authentication (MFA), LastPass Identity gives superior control to IT and friction
JumpCloud is an open directory platform for secure, frictionless access from any device to any resource, anywhere. JumpCloud’s mission is to Make Work Happen®, providing simple, secure access to corporate technology resources from any device, or any location. The JumpCloud Directory Platform gives IT, security operations, and DevOps a single, cloud-based solution to control and manage employee identities, their devices, and apply Zero Trust principles. JumpCloud has a global user base of more th
Millions of people and thousands of businesses depend on Keeper's password manager and encrypted vault to substantially reduce the risk of a data breach. Keeper is the world leader for securing passwords, documents and sensitive digital assets. With Keeper, your business can auto-generate high-strength passwords, protect sensitive files in an encrypted digital vault, securely share records with teams and seamlessly integrate with SSO, LDAP and 2FA. Start a 14-Day Free Trial now.
Rippling makes it easy to manage your company's Payroll, Benefits, HR, and IT—all in one, modern platform. It brings all of your employee systems and data together, and helps automate your busy work. Take onboarding, for example. With Rippling, you can just click a button, and in 90 seconds set up a new hires’ payroll, health insurance, 401K, work computer, and third-party apps — like Slack, Zoom, and Office 365 — 100% online and paperlessly. And that's just one reason why Rippling is The #1 R
OneLogin simpliﬁes identity management with secure, one-click access, for employees, customers and partners, through all device types, to all enterprise cloud and on-premises applications. OneLogin enables IT identity policy enforcement, and instantly disables app access for employees who leave or change roles in real time by removing them from Active Directory. Take control over application access, quickly on- and off-board team members, and provide end users with easy access to all their apps
Duo Security's frictionless Trusted Access platform protects users, data and applications from malicious hackers and data breaches. Our mission is to protect your mission. Duo Security makes security painless, so you can focus on what's important. Our scalable, cloud-based Trusted Access platform addresses security threats before they become a problem. We do this by verifying the identity of your users and the health of their devices before they connect to the apps you want them to access.
Auth0 provides a platform to authenticate, authorize, and secure access for applications, devices, and users. Security and application teams rely on Auth0's simplicity, extensibility, and expertise to make identity work for everyone. Safeguarding billions of login transactions each month, Auth0 secures identities so innovators can innovate, and empowers global enterprises to deliver trusted, superior digital experiences to their customers around the world. For more information, visit https://au
Idaptive Services secures enterprise identities against cyberthreats that target today’s hybrid IT environment of cloud, mobile and on-premises. Idaptive helps protect against the leading point of attack used in data breaches ― compromised credentials — through it’s Next Gen Access, which uniquely unifies single single-on (SSO), adaptive multi-factor authentication (MFA), enterprise mobility management (EMM) and user behavior analytics (UBA) into an integrated solution. Idaptive Services incl
Ping Identity (NYSE: PING) builds identity security for the global enterprise with an intelligent identity platform that offers comprehensive capabilities including single sign-on (SSO), multi-factor authentication (MFA), directory and more. Ping helps enterprises balance security and user experience for workforce, customer and partner identity types with a variety of cloud deployment options including identity-as-a-service (IDaaS), containerized software and more. Ping has solutions for both IT
Dashlane for businesses is a password management solution that is as easy to use as it is secure. Dashlane provides the ability to safely store login credentials, documents, and other private information with an industry-leading security architecture to mitigate the risk of data breaches and misuse. From single sign-on (SSO) authentication to automated provisioning, Dashlane gives IT the core features needed to secure the business without disruption to the work day. We’ve empowered over 15 mil
Password-related breaches are the leading cause of data loss. Protect your company data by ensuring that only authorized people are given secure access to sensitive applications and information, using Kaseya’s complete and integrated Identity and Access Management (IAM) solution. Combining the power of multi-factor authentication and the efficiency of single sign-on, AuthAnvil provides confidence in knowing that your most vulnerable data is secure 100% of the time.
Symantec SiteMinder is designed to secure the modern enterprise through a unified access management platform that applies the appropriate authentication mechanism to positively identify users; provides single sign-on and identity federation for seamless access to any application; enforces granular security policies to stop unauthorized access to sensitive resources; and monitors and manages the entire user session to prevent session hijacking.
miniOrange is a cloud based platform which provides Single Sign-On (SSO), Two Factor Authentication (2FA), Fraud Prevention, Cloud/Network Security and Social Login. Our Single Sign On (SSO), Strong Authentication (2FA) and Fraud Prevention products weave together disparate protocols and processes in secure Software as a Service environment providing easy to deploy, scalable and flexible platform at minimal total cost of ownership. miniOrange SSO (Single Sign-on) provides easy and seamless acc
Modernize your digital workforce with Avatier Identity Anywhere integrated Identity Access Governance featuring push notification workflow across all your favorite platforms, and a modern cross-platform SSO solution to connect to all your SAML, oAuth, OpenID, and webform apps. Discover unrivaled self-service IT experience enabling collaboration across the entire enterprise without compromising privacy and security. Avatier native mobile experience for iOS and Android includes real-time collabo
QuickLaunch is the only AI and blockchain based identity-as-a-service platform (IDaaS) that transforms how cloud-savvy institutions and companies manage human and device authentication, authorization and access control. QuickLaunch leverages AI to autodetect threats and step up authentication and leverages blockchain ledger to protect identities and maintain historical access control changes for automatic compliance management. More than 100 institutions and companies such as Jenzabar, Unify
FusionAuth provides enterprise-ready auth, registration, login, MFA, SSO, user management and more. 100% free for unlimited users. Built for developers, it installs in minutes for any size web or mobile application from start-up to unicorn to enterprise. FusionAuth provides secure, single-tenant, on-prem or private cloud identity with social login, custom emails with localization, customizable registration branding, group-based authentication and more. Deploys on macOS, Linux, Windows, and cloud
Akku is an Identity and Access Management (IAM) solution that is packed with features including single sign-on, password policy enforcement, IP- and device-based restrictions, multi-factor authentication and YouTube filtering. It provides enterprises with complete control over data access and privacy on the cloud while ensuring that they stay compliant to statutory industry standards. Akku also offers a dedicated deployment support service, without the need for a third-party system integrator,
IBM Security Verify, formerly Cloud Identity, helps organizations infuse identity as a central pillar of a zero trust strategy to provide both a frictionless and secure experience for every user. Verify delivers a modernized, modular IAM platform that leverages unparalleled context for decisions about who should be able to access what, with AI-powered, risk-based authentication. It takes a highly consumable, API-first approach with a robust, guided developer experience to fit custom needs, while
HelloID is Tools4ever’s cloud-based Identity and Access Management solution that provides user account provisioning, self-service workflows, and single sign-on. With HelloID, your organization can ensure efficient and secure user management, simplified access to resources, and compliance to industry-specific laws and regulations, all while reducing the manual time-consuming tasks from your IT department.
The free open source Gluu Server enables organizations to centralize their authentication and authorization service and leverage standards such as OpenID Connect, UMA, and SAML 2.0 to achieve federated single sign-on (SSO), strong authentication, and web and API access management.
Ilantus’ Compact Identity (CI) is a disruptive technology solution which offers Access Management as well as Identity Governance and Administration utilizing high-powered analytics and business intelligence. It is a holistic solution to Identity and Access Management (IAM) that is simple to implement and use. CI is the first product in the industry that was architected to deliver not only Access Management but also IGA, PAM, business to consumer functions, end point to mobile management and pers
OneTool lets you effortlessly manage and monitor SaaS in one place: 1-click user management & spend analytics for every app your employees are using. Our IT-Admin-Dashboards allows your IT-admin to control the users access rights across the different departments and to provision new users and also provides your organization with one centralized billing and manages all the users in your account jointly.
Single sign-on (SSO) software is a user authentication solution that helps companies secure access to business applications and assets. It does so while also providing end users with a convenient, easy-to-use portal that requires them to only sign in and authenticate once in order to access multiple corporate applications and resources.
SSO software works by sharing authentication sessions between a trusted identity provider, which manages digital identities, and applications. In practice, commonly an identity provider requires the user to log in and authenticate; the identity provider then shares this authentication session with other applications by passing digitally signed tokens for the receiving application to verify that it is coming from a trusted provider prior to granting the user with access to the application. If the user identity token is accepted, the user is automatically granted access to the application.
The main reasons companies use SSO software is to both improve security and enhance the end-user sign-on experience, whether that be internal employees, end customers, or corporate business partners. SSO software also centralizes user access management, thus reducing the security management burden on administrators. Using an SSO solution, IT administrators can reduce or eliminate common time-consuming tasks like password resets. SSO products contain features that benefit both end users and administrators. For end users, this includes an easy-to-use user portal, intuitive authentication, and often a mobile application. For administrators, these solutions often include an identity directory or directory integrations, multiple multi-factor authentication (MFA) methods, audit features, and prebuilt application integrations.
What Does SSO Stand For?
SSO most commonly stands for single sign-on. The acronym SSO is less frequently used to describe same sign-on, which is different from single sign-on; same sign-on does not rely on trusted tokens, but rather credential sharing. Rarely, the acronym SSO is used to describe single sign-out.
Other common acronyms people may encounter regarding SSO products include:
FIM: federated identity management, of which SSO is a part
IAM: identity and access management
IdP: identity provider
JWT: JSON Web Token, a protocol commonly used in business to consumer (B2C) SSO applications
LDAP: lightweight directory access protocol, an open protocol used for directory services authentication
MFA: multi-factor authentication
OIDC: OpenID Connect, an authentication protocol
OAuth: an open standard authentication protocol
SAML: Security Assertion Markup Language, an open standard used for SSO solutions
Business to employee (B2E)
Companies use B2E SSO solutions to securely manage their employees’ access to corporate accounts, provide an easy to use user experience, and reduce user need for IT administrators services.
Business to business (B2B)
Companies use B2B SSO solutions to enable their business partners and corporate customers to best utilize the company’s services, using the partner or corporate customer’s preferred identity providers.
Business to consumer (B2C) or customer identity and access management (CIAM)
In B2C or CIAM use cases, customers are able to sign into other accounts and connect them to the business’ app to provide an SSO experience. Most commonly, customers authenticate using social media identity providers like Facebook or Google enabling them access to connected accounts.
The following are some core features within SSO software that can help users and administrators.
User portal: User portals provide an intuitive, easy-to-use end-user interface.
Mobile app: Many SSO solutions offer a mobile app for end users to both authenticate and access the SSO solution from their mobile devices.
MFA methods: Most SSO providers offer multiple authentication methods to end users, from software or hardware token-based authentication, to mobile push, passwordless authentication, biometric authentication, or one-time passcodes (OTPs).
Adaptive or contextual access: Some SSO software offers advanced authentication tools, such as adaptive or contextual access. Using machine learning to understand a user’s contextual use of the SSO product, such as location, IP address, time, and other real-time factors to create a user baseline profile. This profile is then used to determine anomalous access activity to prevent access when risk is deemed too high.
Directory or integration: To assist with user provisioning and management, SSO software either integrates with common directories, such as Microsoft Active Directory, LDAP-based directories, or Google Cloud Directory or they offer their own cloud directories built into the SSO software.
Prebuilt integration application catalog: SSO solutions commonly provide prebuilt integrations to commonly used SaaS applications, which are available on an application catalog.
Role management: SSO solutions assist administrators with user provisioning and assigning permissions based on user role for access control.
Audit features: Audit features provide administrators audit logs to monitor user access.
Increases security: The main benefit of using an SSO solution is for securing user access to company applications and other resources through user authentication.
Reduces password authentication risk: Since users must only sign in and authenticate once to access multiple applications, SSO solutions reduce the risks associated with poor password management and using only a single factor for authentication.
Saves users time and frustration: SSO solutions reduce the number of logins end users such as employees or customers must remember and SSO solutions reduce user frustration when switching between multiple applications once authenticated.
Saves administrators time and money: Users are able to access their accounts in one centralized location, reducing the number of calls to administrators for password resets, saving time and therefore money on labor costs.
Seamless experience across assets: SSO solutions reduce login friction for end users once authenticated and give them access to multiple accounts.
Centralizes consumer profiles: SSO software consolidates end-user experiences in one tool to provide a centralized view of end-user or customer data.
Systems administrators: Systems administrators are responsible for deploying and managing a company’s SSO solutions.
Employees: Employees are end users of SSO software in a B2E use case to sign on and authenticate with the user portal to access their corporate accounts.
Customers: Customers are end users of SSO software in a B2C use case and sign in and authenticate using an identity provider, often a social media account, to access a business’ applications.
Business contacts: Companies may use SSO software to enable their business partners and corporate customers to securely authenticate and access the company’s assets, often with multiple identity providers.
Related solutions that can be used together with SSO software include:
Identity and access management (IAM) software: For employee use cases, IAM software offers broader identity solutions, of which SSO is often a part. IAM software authenticates users, provides access to systems and data based on company policies, tracks user activity, and provides reporting tools to ensure employees are in compliance with company policies and regulations.
Customer identity and access management (CIAM) software: For customer use cases, CIAM software provides robust identity functionality. CIAM software enables businesses to centralize and manage customer identities, preferences, and profile information at scale, while offering customers self-registration options.
Password manager software: Password managers are secure repositories that store individual user passwords, much like a vault. SSO software is different from password managers because SSO software provides authentication prior to granting a trusted token, not an actual password, for access to an application.
SaaS operations management software: SaaS operations management software tools enable businesses to manage, govern, and secure their SaaS product portfolios; many of these tools integrate with SSO solutions to manage user permissions.
SaaS spend management software: This software enables companies to manage SaaS utilization to identify cost savings. Many of these tools integrate with SSO solutions to manage end-user utilization of SaaS subscriptions.
Software solutions can come with their own set of challenges. Issues to consider include:
Legacy applications: SSO tools may not integrate with legacy applications; a solution to overcome this may include password vaulting tools within the SSO software to provide the end user with ease of use, despite not technically functioning as SSO regarding authentication.
High availability: It is important that the SSO provider has high availability to avoid users being locked out of their systems; with applications managed centrally with an SSO solution, any downtime can prevent end users from accessing their applications and resources. If a company has mission-critical applications that must be available 24/7, many companies will not integrate these tools with SSO providers and instead log in and authenticate separately.
All companies can benefit from securing their login process to corporate assets.
Companies securing employees: Companies of all sizes that want to secure their employees’ access to corporate applications use SSO software.
Companies securing customers: Companies that want to enable their customers to provide self service to securely authenticate and login to applications use SSO software.
Companies securing partners: Companies that want to secure their partners and contractors access to corporate applications use SSO software.
Prior to selecting an SSO software service provider or solution, buyers must consider what factors are important to the company, which may include:
End-user use case: Buyers must determine who their end users are—whether employees, customers, or business partners—to determine what kind of SSO solution works best for these constituencies.
Cloud vs. on-premises application support: The buyer should determine what applications and company resources will be connected to the SSO software. For applications that need high availability (24/7), they may not wish to connect those in case of downtime with the SSO provider. Many SSO providers offer prebuilt integrations with the most popular business software. If the business has applications that are custom built, legacy, or on premises, those may need integrations built to connect with the SSO. Another workaround would be to use a password vault within an SSO solution for legacy applications that are difficult to connect.
Federation protocols: If the organization needs to integrate with multiple identity providers outside of the organization, especially for authenticating business partners, FIM can achieve this. Federation protocols include SAML 1.1, SAML2, WS-Federation, OAuth2, OpenID Connect, WS-Trust, and other protocols.
Authentication type: The company should ensure that the authentication types it’s employees, customers, or partners will use are supported by the SSO solution of choice. This may include software or hardware-token based authentication for employees and OTPs via email, SMS, or phone for customers, among many other authentication methods. Many SSO solutions now offer contextual or risk-based authentication measures to learn user behaviors, identify patterns, and thus provide risk-based assessments when the authentication process does not meet typical patterns.
Mobile app: If end users will access corporate applications from mobile devices, ensure the SSO software provider’s mobile app meets particular business needs.
Developer support: Buyers must ensure the SSO provider has the developer support the team requires, including software development kits (SDKs) and application programming interface (API) lifecycle management functions, particularly for B2C SSO use cases.
Meets security standards: SSO is a security tool providing users with authenticated access to their company resources. It is important that the SSO service provider meet security standards that are important to the company, which may include ISO 27017, ISO 27018, ISO 27001, SOC 2 Type 2, and others.
Create a long list
Buyers should create a long list of software solutions by researching on g2.com, by reading real-user reviews, seeing how vendors compare on G2 Grid® reports, and saving the software selections to “My List” to reference them in the future. Using g2.com, users can learn about which solutions are most often used in the geographic market and which ones are best for every business segment size—whether that is for small, medium, and enterprise businesses.
Create a short list
After creating a long list of vendors, buyers must do further research to narrow down the selections. Using g2.com’s compare feature, they can stack specific software up side by side to learn about how real users of the software rate their functionality. G2 also has quarterly reports showcasing users’ perception of return on investment (in months), the software provider’s average implementation time in months, usability scores, and many other factors.
Up next is time to demo the products. Many vendors enable buyers to contact them directly from g2’s website by clicking the “Get a quote” button on their product profile. Buyers must prepare for each demo by having a standard list of questions and clarifications to ask each vendor.
Choose a selection team
Single sign-on software impacts users across the business—from employees, customers, business partners, IT teams, infosec teams, and more. The company’s software selection team should include people representative of these groups. They must start with three to five people to join the selection committee and clearly define project roles.
It is important to know how many licenses are needed, as pricing often depends on the number of licenses the buyer purchases and the length of time they purchase it for. Often buyers can get discounts if they purchase large blocks of licenses for a longer duration. They must be sure to negotiate not just on price, but also implementation. Companies may be able to get free or reduced implementation services or ongoing support, as well.
Before making a final choice, buyers should check if they can get a trial run of the product to test adoption with a small sample size of users. If the tool is well used and well received, the buyer can be confident that the selection was correct.