SAML - Security Assertion Markup Language

SAML is an open standard to allow authentication and authorization request/response exchange.

I normally hear about SP (Service Provider) and IdP (Identity Provider) in SAML (at work). There is a 3rd role involved in SAML, which is the principal (the user).

User will request a service from SP. SP will request an authentication assertion from IdP, then based on the SAML response to decide the access level.

SAML main use case is to support Single-sign on (SSO). The SP and IdP could be from different organization, but "work together" via SAML protocol to make user see them as "one-stop solution".

Some articles for further read.


Popular posts from this blog

Network Manager

CCSP Domain 2 : Cloud Data Security - Part 1

Secured web server