SSO Server POC

Demonstration of Federated Single Sign-On with both redirect-based and silent authentication

🔐 SSO Server
sso.open.gov.sg
Central authentication server handling login and token management

Available Endpoints:

  • /sso/authorize - Authorization endpoint
  • /sso/token - Token exchange
  • /sso/silent-auth - Silent authentication
  • /sso/login - Login page
Authentication Approaches
This POC demonstrates both SSO approaches mentioned in your documentation

✅ Redirect-based SSO

  • • Standard OIDC/OAuth2 flow
  • • Works in all browsers
  • • Visible redirect (brief)
  • • Highly reliable

🔄 Silent Authentication

  • • iframe-based with postMessage
  • • Seamless user experience
  • • May be blocked by browser policies
  • • Requires fallback mechanism