SAML 2.0: Difference between revisions
Jump to navigation
Jump to search
| Line 21: | Line 21: | ||
<br> | <br> | ||
If you already have a session and want to access a second service provider no credentials are prompted for and you are logged in automatically. | If you already have a session and want to access a second service provider no credentials are prompted for and you are logged in automatically. | ||
==History== | |||
Here is a timeline for some of the protocols in use today. | |||
[[File:Authentication Timeline Procols.png]] | |||
Revision as of 00:52, 17 July 2021
Introduction
What is SSO (Single Sign On)
Some definitions
- Authentication Verifying an identify
- Authorization Verifying user has permission and access
- Federation is when authentication is happen across multi vendor apps
SSO is the ability to authenticate via one authority.
Benefits are
- Authentication under your control (Audit, turn off/on etc)
- One set of credentials
- Login once per session
SAML
SAML stands for Security Assertion Markup Language and defines the syntax and processing semantics of assertions made about a subject by a system entity.
In SAML the thing providing the service is the Service Provider (SP) e.g. HR System and the thing providing the Authentication is the Identity Provider (IdP)
Here is an example for a typical workflow where Citrix is the service provider.
If you already have a session and want to access a second service provider no credentials are prompted for and you are logged in automatically.
History
Here is a timeline for some of the protocols in use today.
