{"id":169,"date":"2024-04-05T10:25:25","date_gmt":"2024-04-05T10:25:25","guid":{"rendered":"https:\/\/www.lepide.com\/cyber-learning\/?p=169"},"modified":"2024-04-05T10:25:26","modified_gmt":"2024-04-05T10:25:26","slug":"what-is-saml","status":"publish","type":"post","link":"https:\/\/www.lepide.com\/cyber-learning\/what-is-saml\/","title":{"rendered":"What is SAML?"},"content":{"rendered":"\n
\n

How Does SAML Authentication Work?<\/h2>\n\n\n\n

SAML uses XML-based communication between the IdP and SP, enabling the secure exchange of identity and authentication information. It connects user authentication to service authorization, enabling seamless access to services without requiring users to re-authenticate. When a user logs into the IdP using single sign-on, the IdP generates and passes SAML attributes to the SPs the user accesses. This eliminates the need for multiple logins and password management across different systems. The IdP and SPs must adhere to the same SAML configuration, ensuring compatibility in authentication and authorization processes. Configuring both systems correctly is essential for SAML authentication to function effectively and provide a secure and convenient user experience.<\/p>\n\n\n\n

NOTE: SAML 2.0, the current version of the standard approved by the OASIS Consortium in 2005, is incompatible with the previous version 1.1.    <\/em><\/p>\n\n\n\n<\/div>\n

\n

What is a SAML Provider?<\/h2>\n\n\n\n

A SAML provider is an entity that facilitates user access to cloud-based services by mediating the authentication and authorization process. There are two main types of SAML providers: identity providers and service providers. Identity providers are responsible for authenticating users, while service providers require authentication from the identity provider before granting authorization to users. Common identity providers include Microsoft Active Directory and Azure, while common service providers include Salesforce and CRM solutions. SAML providers play a crucial role in improving user convenience and security by allowing single sign-on and multi-factor authentication across different applications and services.<\/p>\n\n\n\n<\/div>\n

\n

What is a SAML Assertion?<\/h2>\n\n\n\n

A SAML assertion is an XML document that contains information about a user’s authorization. SAML assertions come in three types: authentication assertions, attribution assertions, and authorization decision assertions. Authentication assertions prove a user’s identity, providing login time and authentication method. Attribution assertions pass SAML attributes to the service provider, with attributes providing specific user information. Finally, authorization decision assertions indicate whether a user is authorized to use a service, potentially denying a request due to password failure or lack of rights.   <\/p>\n\n\n\n<\/div>\n

\n

SAML Example<\/h2>\n\n\n\n

Let’s say you’re at school and want to use the library computer. The school has SAML set up so that students can log in without a school-specific password. Below is an example of how this works:<\/p>\n\n\n\n

Step 1: Identity Provider (IDP)<\/h3>\n\n\n\n

You start by going to a website that supports SAML, like Google.<\/p>\n\n\n\n

You sign in with your Google account (this is the IDP).<\/p>\n\n\n\n

Step 2: Service Provider (SP)<\/h3>\n\n\n\n

Google then sends a message to the school’s website (the SP) saying, “This person is who they say they are.”<\/p>\n\n\n\n

The message includes the key required to gain access to the persons details.<\/p>\n\n\n\n

Step 3: Login<\/h3>\n\n\n\n

The school’s website checks the key and confirms that it’s valid.<\/p>\n\n\n\n

You are now logged into the library computer without having to enter a separate school password.<\/p>\n\n\n\n<\/div>\n

\n

SAML vs. OAuth<\/h2>\n\n\n\n

OAuth and SAML are both authentication protocols that facilitate secure login procedures. While OAuth was jointly developed by Google and Twitter, SAML offers more granular control to enterprises. Both protocols share similar methodologies for transmitting login information. However, OAuth excels in the mobile environment and uses JSON format. In contrast, SAML provides enhanced security for single sign-on (SSO) logins. OAuth is supported by major social media platforms such as Facebook and Google.<\/p>\n\n<\/div>","protected":false},"excerpt":{"rendered":"

How Does SAML Authentication Work? SAML uses XML-based communication between the IdP and SP, enabling the secure exchange of identity and authentication information. It connects user authentication to service authorization, enabling seamless access to services without requiring users to re-authenticate. When a user logs into the IdP using single sign-on, the IdP generates and passes […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-169","post","type-post","status-publish","format-standard","hentry","category-general"],"yoast_head":"\nWhat is SAML? - Cyber Learning With Lepide<\/title>\n<meta name=\"description\" content=\"SAML is an open standard that allows identity providers (IdPs) to securely pass authorization credentials to service providers (SPs).\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.lepide.com\/cyber-learning\/what-is-saml\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is SAML and How SAML Authentication Works\" \/>\n<meta property=\"og:description\" content=\"SAML is an open standard that allows identity providers (IdPs) to securely pass authorization credentials to service providers (SPs).\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.lepide.com\/cyber-learning\/what-is-saml\/\" \/>\n<meta property=\"og:site_name\" content=\"Cyber Learning With Lepide\" \/>\n<meta property=\"article:published_time\" content=\"2024-04-05T10:25:25+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-05T10:25:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.lepide.com\/cyber-learning\/wp-content\/uploads\/2024\/04\/og-banner-cyber-lean-saml-authentication.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"cybereduadmin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"cybereduadmin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What is SAML? - Cyber Learning With Lepide","description":"SAML is an open standard that allows identity providers (IdPs) to securely pass authorization credentials to service providers (SPs).","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.lepide.com\/cyber-learning\/what-is-saml\/","og_locale":"en_US","og_type":"article","og_title":"What is SAML and How SAML Authentication Works","og_description":"SAML is an open standard that allows identity providers (IdPs) to securely pass authorization credentials to service providers (SPs).","og_url":"https:\/\/www.lepide.com\/cyber-learning\/what-is-saml\/","og_site_name":"Cyber Learning With Lepide","article_published_time":"2024-04-05T10:25:25+00:00","article_modified_time":"2024-04-05T10:25:26+00:00","og_image":[{"width":1200,"height":600,"url":"https:\/\/www.lepide.com\/cyber-learning\/wp-content\/uploads\/2024\/04\/og-banner-cyber-lean-saml-authentication.jpg","type":"image\/jpeg"}],"author":"cybereduadmin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"cybereduadmin","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.lepide.com\/cyber-learning\/what-is-saml\/#article","isPartOf":{"@id":"https:\/\/www.lepide.com\/cyber-learning\/what-is-saml\/"},"author":{"name":"cybereduadmin","@id":"https:\/\/www.lepide.com\/cyber-learning\/#\/schema\/person\/acdfa91109d06edaf748812cb77ba21e"},"headline":"What is SAML?","datePublished":"2024-04-05T10:25:25+00:00","dateModified":"2024-04-05T10:25:26+00:00","mainEntityOfPage":{"@id":"https:\/\/www.lepide.com\/cyber-learning\/what-is-saml\/"},"wordCount":544,"commentCount":0,"articleSection":["General"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.lepide.com\/cyber-learning\/what-is-saml\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.lepide.com\/cyber-learning\/what-is-saml\/","url":"https:\/\/www.lepide.com\/cyber-learning\/what-is-saml\/","name":"What is SAML? - Cyber Learning With Lepide","isPartOf":{"@id":"https:\/\/www.lepide.com\/cyber-learning\/#website"},"datePublished":"2024-04-05T10:25:25+00:00","dateModified":"2024-04-05T10:25:26+00:00","author":{"@id":"https:\/\/www.lepide.com\/cyber-learning\/#\/schema\/person\/acdfa91109d06edaf748812cb77ba21e"},"description":"SAML is an open standard that allows identity providers (IdPs) to securely pass authorization credentials to service providers (SPs).","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.lepide.com\/cyber-learning\/what-is-saml\/"]}]},{"@type":"WebSite","@id":"https:\/\/www.lepide.com\/cyber-learning\/#website","url":"https:\/\/www.lepide.com\/cyber-learning\/","name":"Cyber Learning With Lepide","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.lepide.com\/cyber-learning\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.lepide.com\/cyber-learning\/#\/schema\/person\/acdfa91109d06edaf748812cb77ba21e","name":"cybereduadmin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.lepide.com\/cyber-learning\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/84a5f28830fbac4b4b885fd5bbaab7df0ca698eb7cbf5cf90163a974cf025380?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/84a5f28830fbac4b4b885fd5bbaab7df0ca698eb7cbf5cf90163a974cf025380?s=96&d=mm&r=g","caption":"cybereduadmin"},"sameAs":["https:\/\/www.lepide.com\/cyber-learning\/"],"url":"https:\/\/www.lepide.com\/cyber-learning\/author\/cybereduadmin\/"}]}},"_links":{"self":[{"href":"https:\/\/www.lepide.com\/cyber-learning\/wp-json\/wp\/v2\/posts\/169","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.lepide.com\/cyber-learning\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.lepide.com\/cyber-learning\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.lepide.com\/cyber-learning\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.lepide.com\/cyber-learning\/wp-json\/wp\/v2\/comments?post=169"}],"version-history":[{"count":1,"href":"https:\/\/www.lepide.com\/cyber-learning\/wp-json\/wp\/v2\/posts\/169\/revisions"}],"predecessor-version":[{"id":170,"href":"https:\/\/www.lepide.com\/cyber-learning\/wp-json\/wp\/v2\/posts\/169\/revisions\/170"}],"wp:attachment":[{"href":"https:\/\/www.lepide.com\/cyber-learning\/wp-json\/wp\/v2\/media?parent=169"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.lepide.com\/cyber-learning\/wp-json\/wp\/v2\/categories?post=169"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.lepide.com\/cyber-learning\/wp-json\/wp\/v2\/tags?post=169"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}