...
A User requesting some resource or service
A Service Provider (SP) that receives the request and provides the service or access to the resource
An Identity Provider (IdP) that authenticates the user and asserts the user's identity
SSO can be implemented through different protocols; SAML and OpenID Connect are the most widely used.
...
The user (usually through a web browser) requests a resource from a Service Provider (SP)
If a valid security context does not exist, the SP redirects the user agent to the Identity Provider’s (IdP) SSO Service
The user agent issues a request to the IdP’s SSO Service to identify the user (if there is no previous security context)
The IdP validates the request and responds to the user agent
The user agent sends the “authentication” assertion to the SP
The SP processes the assertion and redirects the user agent to the requested resource
The user agent requests the resource from the SP
Finally, the SP returns the resource to the user agent.
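The step where the SP processes the assertion is where most SSO security decisions are made. The following is an added example, not Kiuwan's code, of the non-cryptographic checks an SP applies to a SAML 2.0 Response; the entity ID, ACS URL, request ID and sample message are constructed, and XML signature verification is assumed to have already succeeded in a SAML library.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion"}
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"

# Constructed, trimmed sample Response (no Issuer or Signature elements shown).
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1"
  InResponseTo="_req42" Destination="https://sp.example.test/saml/acs">
  <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
  <saml:Assertion ID="_a1"><saml:Conditions NotBefore="2024-01-01T10:00:00Z"
    NotOnOrAfter="2024-01-01T10:05:00Z"><saml:AudienceRestriction>
    <saml:Audience>https://sp.example.test/metadata</saml:Audience>
  </saml:AudienceRestriction></saml:Conditions></saml:Assertion>
</samlp:Response>"""

def _ts(value):
    # SAML timestamps are UTC xs:dateTime values; this example accepts whole seconds only.
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def check_response(xml_text, sp_entity_id, acs_url, pending_ids, now):
    """Return a list of problems; an empty list means these checks passed."""
    if "<!DOCTYPE" in xml_text:  # SAML messages never need a DTD
        return ["DTD present; refusing to parse"]
    resp = ET.fromstring(xml_text)
    problems = []
    status = resp.find("p:Status/p:StatusCode", NS)
    if status is None or status.get("Value") != SUCCESS:
        problems.append("status is not Success")
    if resp.get("Destination") != acs_url:
        problems.append("Destination is not this SP's ACS URL")
    if resp.get("InResponseTo") not in pending_ids:  # ties the response to a request we sent
        problems.append("InResponseTo matches no pending request")
    cond = resp.find("a:Assertion/a:Conditions", NS)
    if cond is None:
        return problems + ["Assertion or Conditions missing"]
    audiences = [e.text for e in cond.findall("a:AudienceRestriction/a:Audience", NS)]
    if sp_entity_id not in audiences:  # assertion was issued for a different SP
        problems.append("audience is not this SP")
    nb, noa = cond.get("NotBefore"), cond.get("NotOnOrAfter")
    if not nb or not noa or not (_ts(nb) <= now < _ts(noa)):
        problems.append("outside validity window")
    return problems
```

A request ID should be removed from `pending_ids` once its response is accepted, so the same response cannot be replayed.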
SAML 2.0 Metadata
...
Info |
---|
After SSO activation, you will get the URL you need to configure Kiuwan as a SP in your IdP (see section Kiuwan’s metadata configuration in ADFS here). |
Close the page and... voilà! Your Kiuwan SSO configuration is done!!
...