SAML is a standard used for exchanging authentication and authorization data between parties, particularly between identity providers and service providers.
It uses XML-based messages to facilitate the transfer of authentication data. Users are redirected from a service provider to an identity provider for authentication.
Type: XML-based Open Standard
Purpose: Enables secure web-based authentication and authorization.
Flow:
-
User attempts to access a service provider (SP).
-
Redirected to the identity provider (IdP) for authentication.
-
The IdP returns a SAML assertion to the SP, confirming the user's identity.
Use Cases: Frequently used for enterprise applications and B2B scenarios, particularly in organizations needing strong security measures.
Integration: More complex than CAS and OIDC, typically used in larger enterprises with existing infrastructure.
Free
7×24
You may refer to the website below for more information about SAML client configuration:
Remark
The application owner needs to manage access control through the returned attributes.