Single sign-on (SSO) is a user authentication service that permits a user to use one set of login credentials to access multiple applications and service providers. In addition to the convenient factor, implementing SSO makes user logins more secure as it uses SAML protocol for communication.

Security Assertion Markup Language (SAML) is an open standard that allows identity providers to pass authorization credentials to service providers. SAML uses Extensible Markup Language (XML) for standardized communication between the identity providers and service providers. SAML provides a solution to allow your identity provider and service providers to exist separately from each other, which centralizes user management and provides access to services. In this case,API Gateway is the service provider.

When you log into API Gateway using SSO, both the IdP and API Gateway sessions are created. But when you log out from API Gateway, only the API Gateway session gets terminated, the IdP session gets terminated based on its session timeout configuration. API Gateway does not support Single Logout (SLO).