SAML 2.0 SSO Workflow

The SAML 2.0 SSO workflow is displayed in the following figure:

Figure: SAML 2.0 SSO Workflow


Workflow

  1. The end user uses a web browser to request a resource from the service provider (your appliance). For example, the end user clicks on the spam quarantine link in a spam notification.

  2. The service provider redirects the web browser to the identity provider with a SAML authentication request.

  3. The web browser relays the SAML authentication request to the identity provider.

  4. The identity provider authenticates the end user. The identity provider displays a login page to the end user and the end user logs in.

  5. The identity provider generates the SAML assertion and sends it back to the web browser.

  6. The web browser relays the SAML assertion to the service provider.

  7. The service provider grants access to the requested resource.