Q: What are the differences between your Standard SSO and Seamless SSO?
A: The Standard SSO feature set gives you a lot, including some level of sharing sessions between apps—this requires setting up one Connected App for each app. Each time a user hits LoginRocket, they will be required to authenticate (whereas with Seamless SSO you can optionally remember sessions and automatically log back in), but you can share the token yourself between apps just fine—just share them directly, without bouncing the user back to LoginRocket. Standard SSO includes support for the redir parameter to deep link users back to the desired page after logging in.
Seamless SSO adds the ability to remember sessions, adds the redirect_uri parameter, and itself will handle handoffs between apps. In this case, each app can rely on LoginRocket to handle the login process, and as long as the user is still logged in, the user will be silently logged into the next app. This is definitely easier and less work than figuring out how to share tokens between apps yourself. Additionally, redirect_uri allows you to login to multiple apps while configuring only a single Connected App, again simplifying configuration (and making it more flexible too).
In practice, Standard SSO means your apps either operate in isolation from one another (no handoffs, but each can still authenticate to the same Realm), or your apps have to have some awareness of each other to facilitate handoffs on their own. Seamless SSO, in contrast, lets AuthRocket handle all of that for you—each app is coded as if it runs in isolation, but AuthRocket will glue everything together to provide a seamless handoff experience between apps.
See also: AuthRocket SSO
Tagged with: standard sso seamless sso redirect handling
Questions? Find a Typo? Get in touch.