Single sign-on (SSO) solutions are designed to manage and secure access to SaaS applications. By integrating with a company’s identity provider (IdP), SSO allows teams to authenticate an identity to multiple applications via a single log-in. By reducing the number of access points and employee credentials, SSO reduces a company’s attack surface and makes it easier for IT and security teams to provision and revoke access to applications via the IdP.
SSO is undeniably a useful security tool, but that does not mean it can secure all access to a company’s SaaS apps. Today’s employees work from anywhere, adopt their own SaaS and generative AI apps, and increasingly interact with AI agents as much as human coworkers. This freedom has fueled a generational leap in productivity, but it has also widened the Access-Trust Gap. The Access-Trust Gap refers to the security risks posed by unfederated identities, devices, applications, and AI-powered tools accessing company data without proper governance controls.
Even companies with SSO continue to struggle with untrusted forms of access and an overall widening of the Access-Trust Gap. It’s clear that, while SSO solutions still play a role in access management, they alone cannot adequately address the complexities of managing access for the modern workforce.
For teams considering adopting SSO or looking to supplement their existing solution, this article explores the various complexities that impact which users and identities SSO can secure for a given company. The article will then explore solutions that can supplement or replace SSO, in order to secure the identities that it leaves unseen and unmanaged.
Since 1Password® Extended Access Management also helps secure access to SaaS apps, this article will also compare its approach and capabilities to those of SSO.
SSO does not secure access for every user
Companies often assume that if SSO manages an app, it can’t be accessed any other way. Unfortunately, this is far from true, and many users and identities can still access applications outside SSO’s oversight.
Superadmins have alternate means of accessing applications
In 2022, the SSO vendor OneLogin experienced a four-hour outage. During that time, most users could not connect to the SSO portal. As Sumeet Wadhwani reported for Spiceworks, “The outage was profound because it barred employees from logging in and accessing applications, some of which could be business-critical.”1
SSO solutions, like any software, can suffer outages or interruptions to their service. However, since SSO is the single point of access guarding company apps, it can also be the single point of failure. Any disruption to it can represent a considerable risk to company productivity.
As such, most companies with SSO will also have superadmin and “break-glass” accounts. These users can typically access critical applications outside the SSO through more standard login flows. This is a necessary safeguard to enable some access to those critical applications in emergencies, but these superadmin users may be authenticating through insecure methods like passwords, which are vulnerable to compromise. And if a superadmin needs to be offboarded, then the offboarding flow afforded by SSO will not work.
Superadmins usually have a great deal of access to sensitive data within company applications. It’s imperative that those accounts be managed and that IT and security can oversee them and revoke their access when necessary.
Partner or contractor accounts can’t always be added to SSO
Users outside the company – like external partners or independent contractors – cannot always be easily added or offboarded from SSO.
For one thing, SSO solutions are often tied to companies’ specific email domains. Email accounts outside that domain can’t be verified or provisioned through the SSO.
Issues like this are common across SSO and IdP solutions. Some vendors allow for the creation of guest users and accounts, but these can pose their own risks, with one report finding that “over 37% of Azure accounts have at least one overly permissive guest user.”2
Provisioning SSO access can also be overly complex for managing contractor identities, which may need to be able to enter and leave an organization quickly. WorkOS advises, “For cases where external contractors can not be added to the organization’s IdP, a Multi-factor Authentication (MFA) requirement can be set as an enforcement fallback. This is sometimes a reasonable compromise if many contractors rotate in and out of the organization.”3
However, this compromise invites risk, as evidenced by the 2022 Uber hack, where the attacker was able to bypass the MFA safeguards on a set of stolen contractor credentials. From there, they could leverage that access to steal administrator credentials with full access to Uber’s cloud environments.
SSO doesn’t see legacy users
When a company rolls out SSO, IT and security admins can typically set authentication policies requiring users to access certain apps through the SSO. Unfortunately, SSO doesn’t oversee legacy user accounts, especially those created before SSO enforcement or those tied to unintegrated systems. These accounts often persist in overlooked SaaS tools, unmanaged cloud environments, or shadow IT that was not included in the initial rollout.
There may also still be active accounts from users who have already left the company before SSO adoption, whose accounts are unlikely to be included in any enforcement policies. These accounts rarely trigger alerts, fall outside SSO’s governance policies, and are easily missed in traditional audits, yet they often retain access to sensitive data. The result is a growing surface of unseen, unmanaged risk.
SSO can’t secure AI agents
Agentic AI represents a new generation of AI-powered software. Autonomous agents generate outputs, make decisions, and independently interact with enterprise systems.
A real-world example is the increasing use of AI-driven financial automation in enterprises. An AI-powered expense management system may need secure and controlled access to corporate banking data, payroll records, and approval workflows.
Provisioning that access poses many complications. SSO was built for humans, but agentic AI does not operate like a human, and it can’t be secured like one. These agents don’t log in through browsers, can’t use FIDO2 keys or biometric MFA, and don’t support SAML flows. So to grant them access, developers often hardcode secrets into scripts, disable MFA, or borrow employee credentials. All of this creates massive blind spots and compliance risks that SSO can’t prevent or even see.
Just as unsanctioned SaaS tools gave rise to Shadow IT, the rise of agentic AI is driving a surge in Shadow AI. AI agents operate outside IT’s visibility, often with access to sensitive data and systems. Without centralized identity-aware credential governance, they access systems using shared credentials and create data exposure risk.
Here are just a few of the security risks tied to agentic AI:
Bad actors can steal SSO session tokens
SAML or other session tokens are certainly more challenging to steal than standard passwords. However, one token can also represent the keys to the kingdom, as it provides access to multiple company applications. That makes them extremely valuable targets to bad actors, who have found various ways of compromising SSO tokens.
Tokens are typically stored as cookies in users’ browsers and can be stolen through adversary-in-the-middle and pass-the-cookie attacks. As CSO John A. Smith points out, employees’ personal devices pose a particular risk when they can access corporate SaaS apps. “Personal devices also have browser caches but do not have to pass the security rigor of corporate systems. They are more easily compromised by threat actors who can capture tokens directly from poorly secured personal devices.”4
Another method of token theft is through compromising the IdP or SSO providers themselves. For example, a 2023 Okta breach resulted in the exposure of their customers’ session tokens.5
In an even more harrowing 2023 incident, bad actors stole a Microsoft signing key and used it to validate forged authentication tokens. As the U.S. Cyber Safety Review Board reported, “…when combined with another flaw in Microsoft’s authentication system, the key permitted… full access to essentially any Exchange Online account anywhere in the world.”6 The bad actors were able to compromise the email accounts of high-ranking government officials in multiple countries.
SSO supplements and alternatives for identity security
Whether a team has already deployed SSO or is looking into implementing it, they will also need to consider supplementary solutions to secure the identities that SSO can’t. Addressing these risks will require more than federation; it demands a shift toward continuous access visibility and lifecycle oversight – capabilities that go beyond what SSO was ever designed to deliver.
Secure authentication requires device trust
Teams need systems that go beyond SSO in order to ensure that critical applications are only being accessed by trusted and secure users and devices. 1Password® Device Trust Connect provides a phishing-resistant authentication factor in the form of device identity. Users can’t access applications from any device that isn’t trusted and associated with that user – whether that device is company-owned or an employee’s personal “bring-your-own” device (BYOD).
To qualify as “trusted,” a device must first be known by the organization, meaning that devices without the device trust agent can’t authenticate at all. Then, the device must pass a series of device posture Checks according to the organization’s compliance policy. Untrusted devices cannot authenticate to a company’s critical SaaS applications until the security issue is resolved and the device is compliant.
1Password Device Trust has a library of over 100 pre-built checks, which admins can implement to ensure that devices meet requirements like installing the latest OS update, having the firewall turned on, etc. Admins can also write their own custom Checks according to their needs.
This means that bad actors, even with phished credentials, won’t be able to authenticate to systems on an unknown device. Even trusted devices, meanwhile, cannot access systems if they are not compliant with security standards. All of this offers a means beyond SSO to govern access to critical applications.
Lifecycle management
It’s critical for IT teams to give users and AI agents the level of access they need, when they need it, and to revoke access when it is no longer appropriate. This requires regular audits of user permissions and visibility into all access, including the users and identities outside SSO.
The 1Password Extended Access Management platform secures every sign-in, to every application, from every device, which enables it to manage access to applications and identities that are invisible to SSO. For instance, Trelica by 1Password gives admins the ability to discover, manage, and optimize both managed and unmanaged applications. It also provides visibility into all forms of authentication within SaaS applications – including superadmins and legacy accounts – and provides a truly centralized way to grant and revoke access.
Continuous trust verification
Traditional SSO is built on a single binary event: you log in once, and then you’re trusted. But in today’s environment, that one-time trust model breaks down. Devices can fall out of a trusted state in the middle of a session, and AI agents never “log in” in a traditional sense.
Trust can no longer be a single event. It must be continuously earned. That’s why 1Password Extended Access Management replaces static login-based trust with real-time context-rich verification of user and device status, ensuring that sensitive resources are only being accessed by devices and users that are currently trusted to do so. This helps to manage the risks posed by legacy users and compromised credentials.
Secure credential provisioning
It’s critical that teams demand strong authentication factors for every identity in use, whether that identity is secured behind SSO or not. 1Password Extended Access Management enables your team to see where passwords are still being used at your company. It then uses the 1Password® Enterprise Password Manager (EPM) to facilitate the transition from passwords to passwordless authentication. EPM can, therefore, help discover and enforce secure authentication factors for every account, including legacy or superadmin users.
Unfortunately, AI agents and bots are unable to use many passwordless factors, with biometrics being one obvious example. 1Password EPM includes features to allow developers and administrators to securely provision the necessary credentials and MFA codes to AI apps and agents.
The 1Password EPM includes the 1Password Developer SDK as well, to provide a further solution for AI developers to seamlessly integrate credential storage, authentication, and access management into their development workflows. Through secure vaults and end-to-end encryption for critical credentials like SSH keys, the 1Password SDK ensures that AI agents only retrieve the credentials and secrets they are explicitly authorized to use. This enables app developers to ensure that their applications can only access sensitive information within a secure, policy-driven environment.
SSO can’t manage all access
In summary, SSO is far from a silver bullet for preventing unauthorized access. Many users fall outside its management, and there are various ways that bad actors can compromise SSO authentication. All of the identities that SSO can’t protect (or doesn’t protect adequately) widen the Access-Trust Gap.
In a decentralized world of SaaS, AI, and BYOD, SSO can no longer stand alone. That doesn’t mean that SSO tools lack value; they are merely insufficient and require supplementary solutions to meet the needs of modern hybrid teams. IT and security teams need solutions that can provide seamless and secure access to critical systems, ensuring that every user can stay secure while using the tools they need to be productive.
To secure the modern workforce, teams of every size need to be aware of SSO’s limitations. Only then can they ensure that they’re able to provide secure access for every identity, device, application, and AI agent at their company.
Want to learn more about how 1Password Extended Access Management can enhance or replace traditional security solutions? Reach out for a demo!
https://www.spiceworks.com/tech/tech-general/news/onelogin-single-sign-on-outage/ ↩︎
https://orca.security/resources/blog/detect-guest-user-account-exploited/ ↩︎
https://workos.com/docs/user-management/sso-with-contractors/adding-an-authentication-policy ↩︎
https://www.darkreading.com/cyberattacks-data-breaches/why-tokens-are-like-gold-for-opportunistic-threat-actors ↩︎
https://www.darkreading.com/application-security/more-okta-customers-hacked-through-support-service ↩︎
https://www.cisa.gov/sites/default/files/2025-03/CSRBReviewOfTheSummer2023MEOIntrusion508.pdf ↩︎
Rachel Sudbeck
Content Associate
Tweet about this post