# Single Sign-On (SSO) Authentication
The federated Single Sign-On (SSO) system enables users to authenticate to one domain or platform and access connected domains without logging in again each time. The Federated Identity Management (FIM) system facilitates organizations to share user identities and user credentials across various domains. Open standard protocols such as SAML, OAuth, OpenID Connect or SCIM ensure that the authentication and sharing of user identities across domains is secure.
Once two or more domains are federated, you can log into one and thus be authenticated and logged in to the others automatically.
## Availability
The feature is especially suited for acquirers and financial/banking institutions that act as acquirers that want to integrate Verifone Central into their solution or offering.
To start the integration process, please contact your [Verifone Sales](/verifone-central-getting-started/verifone-central/help-and-support.md) representative.
To make SSO available, a collaboration between the client’s system admins and Verifone IT department is necessary.
## Benefits
The federated SSO feature provides the following benefits:
* Improves the user experience by enabling easy access to all connected applications
* Saves time
* Provides secure access to all the applications and domains users need, avoiding a cumbersome password management system
## Requirements
To use the federated SSO feature, your corporate identity management system should support one the following technology standards
* SAML
* OIDC
Two platforms that use the standards listed above that most other clients use are:
* Okta
* Azure Active Directory
## Set-up and configuration in Verifone Central
After all the necessary system administration tasks have been completed, the required changes in Verifone Central can also be made.
To configure and activate the federated SSO feature, the Verifone admin will mark the customer organization as a **federated entity**.
Every user onboarded to the organization will be automatically considered a **federated user**. As a result, users will be able to log in to Verifone Central only via the SSO function.
After the organization is marked as federated, the following settings will be applied:
1. All password management capabilities will be disabled for a federated user. As a result:
* The **Change password** and **Reset password** functions will be disabled in Verifone Central.
* Password-related emails (welcome email, reset password email, password expiry email) will not be sent out to federated users.
2. The login function will be disabled, and authentication will be blocked for federated users:
* A message suggesting login from their own internal systems will be sent to federated users when they attempt to log in.
3. Federated users will be redirected to a special page after they log out, and not to the login page.
4. No API Keys-related changes will be needed. A federated user will be able to generate and use API keys like a standard user.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.verifone.com/verifone-central-getting-started/verifone-central/account-management/single-sign-on-sso-authentication.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.