With solution-to-solution authentication, the goal is to assign an SSO user to each of the solutions. In this use case two solutions communicate with each other. Before they start to communicate they must prove each other's identity. The solution that initiates communication requests from the SSO server issues a SAML token which asserts its identity. As part of this request the solution proves its identity using its own private key. After the SSO server has issued a token the solution can use that token to access any other solution as if it is a normal user. For this use case to work, each solution must be registered with its public key in the SSO server. The following figure illustrates this use case.