SSO works through a central authentication server that validates the user's credentials. Once authenticated, this server provides access tokens or session cookies that allow the user to access multiple applications without needing to log in again. Various protocols, such as SAML (Security Assertion Markup Language) and OAuth, are often used to facilitate this process.