Single sign-on (SSO) is a system that allows users to log in to an application once and then log in to other applications connected to the SSO system without having to re-authenticate. If an SSO system is used, users only have to log in once and can then open other systems or services without having to enter their user name and password again.
The TU Braunschweig uses SSO for a variety of applications, e.g. for logging into the central website or accessing the TYPO3 backend of the website. In addition, Stud.IP, the information portal, the digital research announcement or the Webex web conference system also use the SSO system. Further services will follow.
Services connected to the SSO system redirect to a central login page when logging in.
At the TU Braunschweig, you can see this by logging into many services using the same grey login form shown in the first screenshot below.
After entering theTUBS-ID as well as the password and after consenting to the disclosure of personal data (see second screenshot), the user is redirected to the original page of the service. The view for passing on personal data is alway displayed. If you select the option "Remember decision (optional)", this view is no longer displayed for further logins and you can access the respective system without any intermediate step.
After successfully logging in to a service, you are directly logged in to all services connected to the SSO system. This may lead to the unusual behaviour for you that you click on the login button for another service and are directly logged in to this service without any further action or entry of access data. However, this is precisely the purpose and advantage of SSO. This allows you to open other services quickly and without further information and you do not have to enter the same access data several times.
As described above, the purpose of an SSO system is to enable quick and easy login to several connected systems. To log out of a service, on the other hand, there are two different logout processes:
Central logout (also called single logout): If you use this logout, your SSO login will be terminated and you will be logged out of all systems connected to the SSO system.
Please note: If you are logged in to several services connected to the SSO system at the same time and need to log out of all services (because you are sitting at a public computer, for example), you must perform the central/single logout once and also log out of all other services. The central/single logout terminates your SSO login, but it does not automatically terminate your sessions in other services that you have open in parallel.
Note: The logout is implemented differently by the individual SSO services. Some services allow you to distinguish between local and central logout (therefore, in some applications such as the website or, in the future, Stud.IP, you will still see a message after logging out locally that you can also log out of the SSO). Other services do not allow this themselves, but you are free to trigger a central/single logout via the following link at any time, which will log you out of all SSO services.