Authentication

SAML 2.0

Security Assertion Markup Language: an XML-based standard for browser single sign-on across security domains. A Service Provider delegates authentication to an Identity Provider, which returns a signed SAML assertion vouching for the user — the user's password never reaches the Service Provider.

Flows

Web Browser SSO (SP-initiated)
Browser-based single sign-on: a Service Provider redirects the user to an Identity Provider, which returns a signed SAML assertion that logs the user in — no password ever reaches the SP.
11 steps →

Flows

Web Browser SSO (SP-initiated)