Posts

Showing posts from December, 2022

SAML and Federation

SAML (from PingIdentity)

SAML (Security Assertion Markup Language) is an open authentication standard that makes single sign-on (SSO) to web applications possible. SSO allows users to sign on to multiple web-based applications and services using a single set of credentials. Designed to simplify user sign-on experiences, SAML is most widely used in enterprise organizations and allows users to access applications and services that they pay for.

Most importantly, SAML sign-on experiences are secure because user credentials are never transmitted. Instead, they’re handled by identity providers (IdPs) and service providers (SPs):

The IdP stores all of the user credentials and information necessary for authorization and provides it to the SP, when requested. It's the IdPs’ job to say, “I know this person, and they should be able to access these resources.”

The SP hosts the applications and services that users want to access. These applications or services might include email p