Single Sign-On is a process that permits network users to access all authorized network resources without having to log in separately to each resource. It allows you to validate usernames and passwords against your database or other client application rather than having separate user passwords managed by Salesforce.
Salesforce provides the following ways to use single Sign-On:
Federated authentication using Security Assertion Markup Language (SML). It allows to send an authentication and authorization data between the unrelated web services. This enables you to log into Salesforce via client application.
It enables you to integrate authentication with your LDAP, and it performs login by using token instead of a password. It can be managed at the permission level by allowing some users to use delegated authentication and some users to use Salesforce-managed passwords.
Benefits of Single Sign-on
Reduced Administrative Costs:
Using single sign-on, users only need to memorize single password for accessing all the network resources including Salesforce. Users are logged in seamlessly, without being prompted to enter a username or password
Leverage Existing Investment
As many companies are using LDAP as their database, removing a user from the network is very easy, by using the single sign-on methodology. Besides, there is no need to set up the user for each application.
Users need to log just into a central system to access the Salesforce and any network resources; so, there is no need to log into each application in the network. It really saves users’ time a lot.
Increased User Adoption:
Since users are not required not use multiple logins and passwords, users are more likely to use Salesforce on a regular basis.
Single Sign-on using LinkedIn
Under Administer section Navigate to Security Controls Auth. Providers and click New, and select Provider Type as LinkedIn, enter the name, URL Suffix, and click Save.
Go to https://developer.linkedin.com, and click My Apps Link from the Main Menu
Step 3: Enter your LinkedIn Credentials
Step 4: Click Add New Application Link
Enter the details for the following fields (Company, Application Name, Description, Website URL, Application Use, Live Status, Developer Contact Email and Phone)
In the Default Scope section, check the r_emailaddress check box, and click the Add Application button.