16
Request/Response
•Typically, a service provider issues a request to an
identity provider, and the
identity provider responds (with an assertion).
•Scenario: A user attempts to access a resource at a
service provider's
website. The service provider must
determine whether to allow
it. So, without the user knowing, the
service provider requests
information from an identity provider.
The identity provider
responds with a SAML assertion. Based
upon the assertion the user is
or isn't allowed to access the item.
Identity
Provider
Service
Provider
request
response
1
2
3