SAML is an XML-based authentication protocol in which Identity Providers (IdP) - entities that manage and store user credentials - exchange digitally signed XML documents (SAML Assertions) allowing an end-user to access a **Service Provider** (SP), such as the collection of apps that you use every day at work or a website. The service requesting and receiving data from the Identity Providers (IdP) is known as the Relying Party (RP), and the user identity data, encapsulated in the SAML Assertion, is in the form of attributes, e.g. email address, name, phone, etc.

A real-world analogy would be the international traveling scenario. Think of a traveler wishing to come from their home country to the USA. When they arrive at the border, they are asked for their passport in order to authenticate and possibly authorize their access. If the traveler has no passport, they are redirected to their home country's government to get one. Once the traveler has their passport, they can prove their identity to the officers at the border. The officers check the passport validity and the identity data on it and decide whether to let the traveler in.

In this analogy:

- the traveler's home country is the Identity Provider,
- the officers at the border, representing the USA government, are the Relying Party,
- the USA as a country is the Service Provider.

Consider that the USA accepts passports only from countries with which it has made preliminary agreements.

You can replicate this real-world scenario in a computer system. Let's say you work in a company that has multiple applications, but a centralized point for user authentication. Let's say that a company partner has a similar organization, and for a specific project, a few of the partner's employees need to access one or more of your company's applications. Using SAML, after a preliminary configuration that establishes trust between the two systems, you can replicate the international traveling scenario. The partner's employee tries to access one of your company's applications. Since that user doesn't belong to your company, your company's system redirects the user to the partner's system to get proof of identity. The partner's system authenticates the user and provides them with a SAML Assertion. Your company's system checks that assertion and grants the user access.

Developers occasionally question why they should implement the SAML protocol. What makes SAML worth your time? As mentioned in this more technical tutorial, benefits include:

- Standardization: Being an open standard, SAML makes systems interoperability possible.
- User Experience: Users can access multiple Service Providers by signing in just once, without additional authentication, allowing for a faster and better experience at each Service Provider.