Security Assertion Markup Language (SAML) is one of the most widely used open standard for authentication and authorizing between multiple parties. SAML gives users a single sign-on (SSO) experience for applications.
At its core, Security Assertion Markup Language (SAML) 2.0 is a means to exchange authorization and authentication information between services. SAML is frequently used to implement internal corporate single sign-on (SSO) solutions where the user logs into the IDP (identity provider) - a service that acts as the single source of identity which then grants access to a subset of other internal services.
In addition to IDP, SP, and principals which are explained here, the following are more commonly used SAML terms:
SAML provides several methods for certification and trust among the SP and IDP interactions, among them:
Certification - SP and IDP provide each other its public key, which is used with their interactions. Their values are reflected and represented in Fabric SAML configuration as SP_CERT_ALIAS and IDP_CERT_ALIAS.
As part of a pre-established trust relationship process between Fabric and the IDP, Fabric provides to the IDP IT team the signed certificate public key "crt" file to be uploaded at the IDP, and the IDP team sends to the Fabric team the IDP "crt"/"cert" to be located at Fabric.
Encryption - SAML supports several encryption methods where the one most commonly used is SHA-256 (this is also adopted by Fabric).
Trust - SP Entity ID and IDP Entity IDs are transferred upon request and response for trust purposes. In addition, any request is sent with an ID which then can be verified by the SP upon response.
Security Assertion Markup Language (SAML) is one of the most widely used open standard for authentication and authorizing between multiple parties. SAML gives users a single sign-on (SSO) experience for applications.
At its core, Security Assertion Markup Language (SAML) 2.0 is a means to exchange authorization and authentication information between services. SAML is frequently used to implement internal corporate single sign-on (SSO) solutions where the user logs into the IDP (identity provider) - a service that acts as the single source of identity which then grants access to a subset of other internal services.
In addition to IDP, SP, and principals which are explained here, the following are more commonly used SAML terms:
SAML provides several methods for certification and trust among the SP and IDP interactions, among them:
Certification - SP and IDP provide each other its public key, which is used with their interactions. Their values are reflected and represented in Fabric SAML configuration as SP_CERT_ALIAS and IDP_CERT_ALIAS.
As part of a pre-established trust relationship process between Fabric and the IDP, Fabric provides to the IDP IT team the signed certificate public key "crt" file to be uploaded at the IDP, and the IDP team sends to the Fabric team the IDP "crt"/"cert" to be located at Fabric.
Encryption - SAML supports several encryption methods where the one most commonly used is SHA-256 (this is also adopted by Fabric).
Trust - SP Entity ID and IDP Entity IDs are transferred upon request and response for trust purposes. In addition, any request is sent with an ID which then can be verified by the SP upon response.