How does authentication work without SSO?
Without single sign-on, each website maintains its own database of users and their credentials. This is what happens when you try to log in to an app or website:
The website first checks to see whether you’ve already been authenticated. If you have, it gives you access to the site.
If you haven’t, it asks you to log in and it checks your username and password against the information in its user database.
After login, the site passes authentication verification data as you move through the site to verify that you are authenticated each time you go to a new page.
The authentication verification data is usually passed as either cookies with session data or as tokens, which don’t track the session and are faster to process.