Single Sign On (SSO) uses a role-based security model where each employee is given one or more of the roles below and each role has unique access rights depending upon the context of the role.
Each employee of an A&M System member has the SSO Employee role for logging into web applications such as Workday, TrainTraq, Canopy, Maestro, Time & Effort, and many others. Some employees may also have Department or Central Administrator roles to administer the security for their department or workstation in the web applications accessed through SSO.