Single Sign-On (SSO) is a process allowing network users to access all the authorized network resources without logging into each resource individually. Single Sign-On allows validating usernames and passwords against a single secured authentication system such as Microsoft Active Directory or Lightweight Directory Access Protocol (LDAP) implementations. Due to this, when a Salesforce environment is configured to use SSO authentication, the need to manage the passwords of Salesforce user login credentials individually is eliminated.
Types of Single Sign-On
The following are the two most common types of Single Sign-On:
Delegated Authentication is the process of validating user credentials by calling an external Web Service, this Web Service would verify user credentials against a user directory, such as an LDAP (Lightweight Directory Access Protocol) server or a Microsoft Active Directory server.
Federated authentication is the process of validating user credentials against an Identity Provider such as Microsoft Active Directory Federated Services (ADFS) 2.0 or OneLogin. This process uses SAML 2.0 (Security Assertion Markup Language), an industry standard for secure integrations.
First, make sure that you read our document which has been created by our doc team. This is a super document which clarifies not only SSO but related terminology around it. Here is the quick reference