  • Degree thesis

一個可延伸之網頁重導式單一登入服務架構之設計研究

A Study on an Extensible Web-Based Redirect Model Single-Sign-On Service Architecture

Advisor: 周清江

Abstract


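Medium and large organizations such as government agencies, large enterprises and educational institutions have generally moved their services and operations onto the Internet. When such an organization promotes the adoption of a single sign-on mechanism for the existing websites of its subordinate units, some of those websites are often hard to integrate, because each site uses different technologies and mechanisms and modifying them would have too great an impact on the system. Most existing research and practice on single sign-on is designed around a single integration method, which imposes many limitations in practical use; multiple single sign-on systems have to be built to widen the scope of integration. Building on an existing "redirect-based single sign-on" system built with ASP.NET, this study proposes, designs and implements an extensible web-based redirect-model single sign-on service architecture based on a communication protocol suite on the identity provider (IdP) side. The architecture resolves the limitations of the single integration method, offers existing websites more integration methods, and can provide customized integration methods according to an existing website's needs. This gives existing websites more choice and flexibility, reduces the extent and difficulty of the program changes needed for single sign-on integration, and thereby increases the chance that an existing website is integrated successfully.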

Parallel Abstract


Most organizations, such as government agencies, large enterprises and educational institutions, have extended their services and operations to the Internet. When they try to bring in a Single-Sign-On architecture for the legacy web sites of affiliated units, they tend to face complicated issues in modifying systems that were built with various types of technologies and mechanisms. Most existing Single-Sign-On mechanisms support only one interface protocol. That has produced restrictions on their practice and applications. Systems must establish multiple sets of Single-Sign-On mechanisms to increase the scope of consolidation. This research, based on an already established Single-Sign-On mechanism constructed in the ASP.NET architecture, designs and implements a scalable web-based redirect-model Single-Sign-On architecture based on a multiple Identity Provider (IdP) protocol suite. The architecture makes it feasible to create a flexible environment that could reduce the magnitude of difficulties and increase the chances for legacy web sites to adopt a Single-Sign-On mechanism.
