SAML 2 For Web Explained In Simple Words
I was working on a project a while ago related to the SAML protocol for an SSO (Single Sign-On) feature. Simply put, I had to read a lot to understand how this amazing protocol works and how to use its features.
To start, I will explain what SAML is. SAML is short for Security Assertion Markup Language. It is a protocol used to enable authentication and authorization between two main service providers that are integrated with each other (SSO), similar to the Facebook/Google login that some services offer.
The difference here is that this is set up between a company A (e.g. PostsNStuff) and a company B (e.g. ImportantBusinessPeople). Let's say the company ImportantBusinessPeople wants its employees to use a service it has integrated with PostsNStuff, but it wants them to use that service with the same credentials they already have at ImportantBusinessPeople. This is where the integration of authorization and authentication between ImportantBusinessPeople and PostsNStuff happens. I hope I drew a clear picture up there.
To make things easier, we're going to call the companies IBP (ImportantBusinessPeople) and PNS (PostsNStuff).