SAML is an open standard to allow authentication and authorization request/response exchange.
I normally hear about SP (Service Provider) and IdP (Identity Provider) in SAML (at work). There is a 3rd role involved in SAML, which is the principal (the user).
User will request a service from SP. SP will request an authentication assertion from IdP, then based on the SAML response to decide the access level.
SAML main use case is to support Single-sign on (SSO). The SP and IdP could be from different organization, but "work together" via SAML protocol to make user see them as "one-stop solution".
Some articles for further read.
No comments:
Post a Comment