SAML 2.0

From bibbleWiki
Revision as of 00:52, 17 July 2021 by Iwiseman (talk | contribs) (SAML)
Jump to navigation Jump to search

Introduction

What is SSO (Single Sign On)

Some definitions

  • Authentication Verifying an identify
  • Authorization Verifying user has permission and access
  • Federation is when authentication is happen across multi vendor apps

SSO is the ability to authenticate via one authority.

Benefits are

  • Authentication under your control (Audit, turn off/on etc)
  • One set of credentials
  • Login once per session

SAML

SAML stands for Security Assertion Markup Language and defines the syntax and processing semantics of assertions made about a subject by a system entity.
In SAML the thing providing the service is the Service Provider (SP) e.g. HR System and the thing providing the Authentication is the Identity Provider (IdP)

Here is an example for a typical workflow where Citrix is the service provider.
If you already have a session and want to access a second service provider no credentials are prompted for and you are logged in automatically.

History

Here is a timeline for some of the protocols in use today.

Retrieved from "https://www.bibble.co.nz/mediawiki/index.php?title=SAML_2.0&oldid=5192"