Allowing users to sign-up to a new service, through a service where they already have an account.
For example, the user can sign-up with their Google account to create a new account in a calendar app. In this scenario Google would be referred to as a single sign-on provider.
- Users can access a service without needing to remember another password
- It’s a fast way to gain access to a new service
- It can be more secure, as single sign-on providers tend to have more security resources to protect accounts
- Users only need to trust the single sign-on provider with data about them
- Gaining access may be more difficult if the user isn’t able to access the other service
- If the account with the single sign-on provider is compromised, the security of linked services is at risk
- The user might not always be aware how the two services might be sharing data
Was this pattern useful?