- Contents
SSO Identity Providers Technical Reference
Web Browser Single Sign-On profile and bindings
The Web Browser Single Sign-On profile is common in web applications and includes the following bindings:
-
HTTP Post
-
HTTP Redirect
|
Step |
Description |
|
1 |
The User Agent attempts to access a resource on the Service Provider. |
|
2 |
The Service Provider determines which Identity Provider should authenticate the access request. |
|
3 |
The Service Providers sends an <AuthnRequest> message to the selected Identity Provider through the User Agent. |
|
4 |
The Identity Provider authenticates the Principal (user credentials). |
|
5 |
The Identity Provider issues a <Response> message to the Service Provider through the User Agent. |
|
6 |
The Service Provider either allows or denies the access request to the User Agent based on the <Response> message from the Identity Provider. |