Executive Summary
The Enterprise Single Sign-On (SSO) Playbook is a practical guide to help federal agencies implement or modernize an SSO service for federal employee access to government applications.
SSO is a component of Identity, Credential, and Access Management (ICAM) that agencies use to centralize access to applications. SSO enables end users to log in to multiple applications using extensible multi-factor authentication options.
It also extends capabilities for applications that don’t natively support multifactor authentication.
Other benefits of Enterprise SSO include:
- Supporting IT modernization and cloud adoption projects – Provide a centralized access point to onboard on-premise and cloud applications.
- Supporting remote workforce – Efficiently adapt to any location, various authenticators, and any device workforce.
- Improving user experience – Streamline the user experience across all agency applications configured with the service.
- Reducing identity-related help desk tickets – Allow automated provisioning and deprovisioning or self-service to reduce identity-related help desk tickets.
- Improving security posture – Quickly resolve unauthorized access actions by centralizing authentication and monitoring activity.
Agencies can use this playbook to centralize application access for agency employees and contractors or federate access with other federal executive agencies. Updates to this playbook may include federating outside of the federal executive branch, but it is not included in this current version.
