SAML

Authentication Protocol

# What is SAML

Before looking at SAML itself, a few related concepts:

- IDP (Identity Provider): provides identity management services.
- SP (Service Provider): an application that relies on an IDP's identity management functions to provide a specific service to users; also called a relying party of the IDP.
- SP-initiated SSO (Service Provider-initiated Single Sign-On): a login initiated by the SP. It is triggered when a user tries to access a resource at, or logs in directly to, the service provider.
- IDP-initiated SSO (Identity Provider-initiated Single Sign-On): a login initiated by the IDP. The identity provider issues a SAML response, which is redirected to the service provider to assert the user's identity.

SAML (Security Assertion Markup Language, in Chinese 安全断言标记语言) is, put simply, a language for expressing assertions in a secure manner. It is an XML-based standard that provides a robust and extensible set of data formats for exchanging data and identity information across different environments. Using SAML, an SP can independently contact an IDP to authenticate users who attempt to access protected content.

# SAML Features

SAML was created to solve the problem of web browser single sign-on. It not only simplifies the single sign-on process but also provides a common framework for different security systems, allowing enterprises and their suppliers, customers, and partners to securely authenticate, authorize, and exchange basic information.

# SAML Diagram