A system for single sign-on to a plurality of computing applications is
provided. The system includes a plurality of enterprise applications, a
policy server, and an authentication data store maintaining
authentication information for the enterprise applications. The system
also includes internal and external user authorization data stores that
maintain user authorization information for the enterprise applications.
A synchronization component synchronizes information from the internal
and external authorization data stores to a consolidated data store and
eliminates duplicate user information. To access a first enterprise
application, the user's information is authenticated against the
authentication data store and authorized against the consolidated
authorization data store. To access a second enterprise application, the
user is not required to sign on again since the previously entered user
information is used to authenticate the user, and the consolidated data
store is automatically checked to determine the user's authorization
level for the second enterprise application.
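
The flow described above, sketched as an added example that is not part of the original text. All names (`consolidate`, `PolicyServer`, the sample users and applications) are hypothetical; two assumptions are made: a session token stands in for the "previously entered user information", and when duplicate entries disagree the lower authorization level is kept.

```python
import hashlib
import hmac
import secrets

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def consolidate(internal, external):
    # Merge both authorization stores, keyed on (normalized user, app).
    # Assumption: when duplicate entries disagree, keep the lower level.
    merged = {}
    for user, app, level in list(internal) + list(external):
        key = (user.strip().lower(), app)
        merged[key] = min(level, merged.get(key, level))
    return merged

class PolicyServer:
    def __init__(self, auth_store, consolidated):
        self.auth_store = auth_store      # user -> (salt, password hash)
        self.consolidated = consolidated  # (user, app) -> level
        self.sessions = {}                # token -> authenticated user

    def sign_on(self, user, password):
        # Authenticate once against the authentication data store.
        user = user.strip().lower()
        salt, stored = self.auth_store.get(user, (b"\0" * 16, b""))
        if not hmac.compare_digest(_hash(password, salt), stored):
            return None
        token = secrets.token_urlsafe(32)
        self.sessions[token] = user
        return token

    def authorize(self, token, app):
        # No second sign-on, but every application gets its own lookup.
        user = self.sessions.get(token)
        if user is None:
            return None
        return self.consolidated.get((user, app))  # None means no access

# Constructed sample data (not from the page).
INTERNAL = [("alice", "payroll", 2), ("alice", "crm", 1)]
EXTERNAL = [("Alice ", "payroll", 1), ("bob", "crm", 1)]
_salt = secrets.token_bytes(16)
AUTH_STORE = {"alice": (_salt, _hash("correct horse", _salt))}

def demo():
    server = PolicyServer(AUTH_STORE, consolidate(INTERNAL, EXTERNAL))
    token = server.sign_on("alice", "correct horse")
    return token, server.authorize(token, "payroll"), server.authorize(token, "crm")
```

The point to check in any such design is that being authenticated never implies being authorized: the session only identifies the user, and an application missing from the consolidated store yields no access.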