SSO refers to Single Sign On. Single Sign On is a scheme that allows users to have one set of credentials and personal data stored on one web property that allows them to log into other web properties. In its most basic form, SSO requires a Service Provider (like a forum) and an Identity Provider or IDP - an application that has access to a database of user info and an authentication application. You already use SSO if you sign onto any site by logging in through GMail, FaceBook, LinkedIn, or Twitter.
User experience
Let's say you are on www.vanillaforums.com, and you click on "Log In With GMail". You are then sent to GMail.com to put in your GMail Email and Password. Once authenticated, you are asked to confirm that GMail can share your profile data with www.vanillaforums.com. You agree, and are sent back to www.vanillaforums.com where you see you are now logged in with your GMail avatar and your name displayed.
What happened? The administrators at www.vanillaforums.com have set up a connection of trust with GMail using some kind of shared secret token and other parameters like agreed-upon URLs. When both parties follow the proper protocol www.vanillaforums.com trusts that when GMail sends you back with your user data that a) the data really is coming from GMail, and b) that you are who you say you are.
Different methods
There are several "flavours", or methods, of SSO. Vanilla has dedicated addons that allow you to easily configure connections to Facebook, Twitter, GMail, LinkedIn. Click on the Social Media tab in the Connections section of the left had menu of your Vanilla Dashboard. For more on these please see this article.
If you have an existing user base stored on one of your web properties you may want to use one of our four SSO addons: OAuth2, SAML, JSConnect or JWT SSO