使用单一登录到多域网站

I am very new to this SSO, Kerberos. My aim is to use a single user account to allow the employees to login into various domains(like Github, Gmail, AWS internal wiki's..) and access control over each employee group. I have explored on LDAP, SSO, Kerberos but couldn't understand how to achieve them. Can anyone give a detailed explanation on how to achieve this I am very new to this SSO, Kerberos. My aim is