Microsoft Research finds flaws in SSO for Facebook, Google ID, PayPal and other Web services. The flaws were found by Microsoft Research researchers. The findings highlight the need for API best practices as one of the key issues in Web architecture today. While Web SSO may be convenient, there are big risks taken until these services are fully vetted. Researchers hope the report is a wake-up call for both the developers of websites using the SSO services and those providing the services, who are responsible for hardening the application.”]
Source: https://www.darkreading.com/authentication/web-services-single-sign-on-contain-big-flaws