Overview#

The SAML 2.0 specification defines the endpoints that are to be used for partner-to-partner communications but it does not define the way in which users can initiate a single sign-on action using those endpoints.

In a typical implementation there are specially formed URLs that incorporate the single sign-on action to take, the binding to be used for the action, and the location where the action should take place can be used for user-initiated single sign-on actions. These URLs are referred to as profile initial URLs.

Architects and application developers, who will design and implement their users' interaction with the single sign-on process, will need to understand profile initial URLs and incorporate them into their Web applications.

The following sections describe the format of the SAML 2.0 profile initial URLs that are typical within a SAML environment.

Assertion consumer service initial URL (service provider)#

In a SAML 2.0 federation, the assertion consumer service URL can be initiated at the identity provider server site or the service provider site. This topic describes the syntax for initiating single sign-on at the service provider.

Single sign-on service initial URL (identity provider)#

In a SAML 2.0 federation, the single sign-on service URL can be initiated at the identity provider server site or the service provider site. This topic describes the syntax for initiating the service at the identity provider.

Single logout service initial URL#

In a SAML 2.0 federation, the single logout service URL is used by a partner to contact the Single logout profile. The URL to initiate the service has the following syntax:

Name identifier management service initial URL#

In a SAML 2.0 federation, the name identifier management service URL is used by a partner to contact the Name Identifier Management service. The URL to initiate the service has the following syntax:

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-1) was last changed on 17-Nov-2013 10:28 by jim