What is Single Sign On?

SSO for Users

What does SSO stand for?

SSO stands for "Single Sign-On".

What is Single Sign-On?

Single Sign-On is a service which allows users login with their Sheridan username/password from a single trusted location and gain access to many web services.

Who can login to Sheridan's SSO service?

Anyone with a Sheridan account can login. However, participating web services may only be accessible to some individuals depending on the nature of the application and the identity of the individual.

How long is my session good for?

Your session is good for 8 hours. This is why it's very important to logout when finished, to prevent unauthorized access to your services.

How do I logout?

You logout by closing all open browser windows. It is very important that you log out when you have finished using the computer, particularly if the computer is in a public place. If you don't logout then subsequent users of the computer may be able to access many applications as you, even if they weren't the applications you were using.

What are the advantages of SSO?

Why should I check the SSO URL before typing my password?

Before entering your username and password into the Sheridan's SSO login form you should check that the web address of the page being displayed begins with The reason for checking the URL is to make it more difficult for a malicious person to fool you into supplying your username and password by setting up a page that looks like the Sheridan's SSO login page. By routinely checking the URL of the login page you help to reduce that risk. This is especially important when logging in to services that you have not used before.

Should I trust other applications asking for my Sheridan password?

You should be very wary of any web page that asks for Sheridan username and password and should always take steps to be sure that the application is what it claims to be and that it has a legitimate reason for asking for your password. Sites should have a URL begining with "https://" (meaning that they encrypt network traffic) and you should recognise the server as being on the Sheridan network. Even sites within the Sheridan domain should not be trusted unthinkingly. Where you have influence, please encourage developers of applications and web maintainers to use SSO instead of local authentication mechanisms. (A document about " SSO for Developers" is available.)

How can I use SSO to authenticate my own web applications?

A document about "SSO for Developers" is available.

Top of page