Use case: Single Sign-On (SSO) for Enterprise Applications

Goal: To allow users to access multiple enterprise applications with a single set of login credentials.

Actors:

  • User: An employee or authorized user who needs access to multiple enterprise applications.
  • Identity Provider (IDP): A system that authenticates the user's credentials and provides access to multiple applications.
  • Service Provider (SP): The individual application that requires authentication and authorization.

Preconditions:

  • User is authorized to access the enterprise applications.
  • IDP and SP are configured to support SSO.
  • User has been registered in the IDP and granted appropriate access permissions to the SP.

Steps:

  • The user opens a web browser and navigates to the IDP login page.
  • The IDP authenticates the user's credentials against its user directory and verifies their identity.
  • The IDP generates a security token and sends it to the user's browser.
  • The user's browser presents the security token to the SP during the login process.
  • The SP verifies the security token and checks if the user has the necessary permissions to access the application.
  • If the security token is valid and the user has the necessary permissions, the user is granted access to the application.
  • If the security token is invalid or the user does not have the necessary permissions, the user is denied access to the application.
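
The token steps above, as an added example that is not part of the original use case: a minimal IDP/SP exchange showing the order of checks the SP makes before granting access. The use case does not specify a token format, so the HMAC-SHA256-signed JSON token, the shared key, and the names idp_issue_token, sp_verify_token and SP_PERMISSIONS are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

# Constructed values for this example only; a real deployment provisions its
# own trust material when the IDP and SP are configured for SSO.
TRUST_KEY = b"constructed-demo-key-not-for-production"
SP_PERMISSIONS = {"alice": {"payroll-app"}}  # users granted access, per SP

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def idp_issue_token(user, audience, now=None, ttl=300):
    """IDP side: after authenticating the user, issue a signed, short-lived token."""
    now = time.time() if now is None else now
    body = json.dumps({"sub": user, "aud": audience, "exp": now + ttl}).encode()
    sig = hmac.new(TRUST_KEY, body, hashlib.sha256).digest()
    return _b64(body) + "." + _b64(sig)

def sp_verify_token(token, sp_name, now=None):
    """SP side: return (granted, reason). The signature is checked before any claim is read."""
    now = time.time() if now is None else now
    try:
        body_b64, sig_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        sig = base64.urlsafe_b64decode(sig_b64)
    except ValueError:  # wrong number of parts or invalid base64
        return False, "malformed token"
    expected = hmac.new(TRUST_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return False, "bad signature"
    claims = json.loads(body)
    if claims["aud"] != sp_name:  # token was minted for a different application
        return False, "token issued for another SP"
    if now >= claims["exp"]:
        return False, "token expired"
    if sp_name not in SP_PERMISSIONS.get(claims["sub"], set()):
        return False, "user lacks permission"
    return True, "access granted"
```

Production SSO normally uses a standard such as SAML or OpenID Connect, where the IDP signs with a private key and the SP holds only the public key; the order of checks on the SP side is the same.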

Postconditions:

  • The user is able to access the enterprise applications without having to provide separate login credentials for each application.
  • The IDP and SP maintain a trust relationship that allows for secure and efficient communication between systems.

Alternative Scenarios:

  • If the user is not authorized to access the application, the IDP will deny access and the user will be presented with an error message.
  • If the IDP is unavailable or experiencing technical issues, the user will not be able to access the enterprise applications.
  • If the SP is not configured to support SSO or the security token is invalid, the user will be denied access to the application.