Single Sign-Off

A security mechanism that allows a Non-Human Identity (NHI) to terminate all active sessions or connections with a single action.

Description

Single Sign-Off (SSO) is a security term for the ability of Non-Human Identities (NHIs), such as automated systems, applications, or services, to log out or disconnect from all active sessions across multiple platforms or services simultaneously. This is particularly important in enterprise environments where NHIs are used to manage resources, perform automated tasks, or connect to various services. By implementing Single Sign-Off, organizations can enhance their security posture by reducing the risk of unauthorized access due to lingering sessions. For example, if a service account that has been granted access to multiple systems is no longer needed, an administrator can invoke a Single Sign-Off to ensure that the account is logged out from all systems at once, rather than having to log out of each service individually. This approach not only saves time but also helps maintain compliance with security policies that require timely termination of access when it is no longer appropriate.

Examples

  • An automated backup service that can log off from all connected cloud storage accounts at once.
  • A microservice that can disconnect from all APIs it is authorized to access when its credentials are revoked.
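The sketch below is an added example, not code from any product or from this glossary's source. It models the mechanism described above with a central session registry, and covers the failure mode the description warns about: a service that cannot be reached during sign-off leaves a lingering session, which is reported and kept for retry. The `Service` and `SessionRegistry` classes, the `svc-backup` identity and all session IDs are hypothetical.

```python
from dataclasses import dataclass, field

@dataclass
class Service:  # hypothetical stand-in for one platform the NHI connects to
    name: str
    reachable: bool = True
    sessions: dict = field(default_factory=dict)  # session_id -> identity

    def revoke(self, session_id):
        if not self.reachable:
            raise ConnectionError(self.name)
        self.sessions.pop(session_id, None)

class SessionRegistry:
    """Central index of the sessions each identity holds on each service."""
    def __init__(self):
        self.held = {}         # identity -> [(Service, session_id)]
        self.disabled = set()  # identities that may not open new sessions

    def login(self, identity, service, session_id):
        if identity in self.disabled:
            raise PermissionError(f"{identity} has been signed off")
        service.sessions[session_id] = identity
        self.held.setdefault(identity, []).append((service, session_id))

    def single_sign_off(self, identity):
        """End every session of identity; return (revoked, lingering)."""
        self.disabled.add(identity)  # block new logins before revoking
        revoked, lingering = [], []
        for service, sid in self.held.pop(identity, []):
            try:
                service.revoke(sid)
                revoked.append((service.name, sid))
            except ConnectionError:
                lingering.append((service, sid))
        if lingering:
            self.held[identity] = lingering  # kept so a retry can finish
        return revoked, [(s.name, sid) for s, sid in lingering]

def demo():
    # Constructed sample: one backup service account, three sessions.
    a, b, c = Service("storage-a"), Service("storage-b"), Service("api")
    reg = SessionRegistry()
    for n, svc in enumerate((a, b, c)):
        reg.login("svc-backup", svc, f"sess-{n}")
    b.reachable = False  # simulate an outage during sign-off
    first = reg.single_sign_off("svc-backup")
    b.reachable = True
    return first, reg.single_sign_off("svc-backup"), (a, b, c)
```

The identity is disabled before any session is revoked, so a workload that is still running cannot open a fresh session while the sign-off is in progress.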

Additional Information

  • Single Sign-Off is critical for managing security in multi-tenant environments.
  • It can help mitigate risks associated with session hijacking or credential leaks.
