Sharpen provides for third-party single sign-on (SSO) through Google, Microsoft and Okta. The Sharpen platform supports SAML and OAuth to provide for single sign-on functionality.
...
Our customers can log into the app via the normal means, a username and password, or they can log in using Single Sign-On. We offer three options for SSO: Microsoft, Google, and Okta. In the most general sense, we use these companies as a trusted service to identify who is logging in. If a customer has an account with Google, for example, they log into the Google portal and are recognized as a valid Google user. We have a script that uses a Google API to return information, in this case the email of the authenticated user, and then searches for that email in our database. If there’s a match, the user is logged in. This example applies to any one of these companies. To gain access to Microsoft, Google, or Okta’s services, Sharpen’s development team has registered a client app for our platform through each provider. We use the client app’s credentials with every request we make to the provider services. This ensures that we are who we say we are since we have registered the app on our provider account and that we can securely use their services. Even though there is an overall similarity between the SSO providers, there are two types of authorization standards. For Google and Microsoft, we use OAuth 2OAuth2.0 and for authorization. For Okta , we use SAML for authentication.The SSO for Microsoft is utilizing Azure Active Directory.
...