
SAML 2.0

Security Assertion Markup Language (SAML) is an XML-based standard for exchanging authentication and authorisation data between security domains. Typically, this exchange happens between an identity provider like Signicat and a service provider (your organisation). SAML is a product of the OASIS Security Services Technical Committee.

SAML is an industry-standard protocol for identity management and is supported by most of the biggest actors in the computer industry. For detailed information about SAML 2.0, relevant technical terms and access to several white papers, visit this page on the OASIS website.

Signicat supports the SAML 2.0 standard fully, through a gateway referred to as the 'SAML gateway' or 'SAML2 gateway'. If you are using an identity federation service such as Microsoft AD FS or Oracle Identity Federation, then you are most likely interested in Signicat's SAML2 gateway.

Authentication using SAML 2.0

Signicat's SAML2 gateway provides a solution for end-user authentication over the SAML 2.0 protocol between two parties: you, a service provider (SP), and Signicat, as the message broker to the identity providers (IdP). The SAML2 gateway is integrated within the Signicat eID Hub, which means that you can perform authentications over the SAML 2.0 protocol with all the ID methods supported by Signicat. In this scenario, Signicat acts as the single point of integration between your application and the third-party identity providers (also known as ID methods).

To get started with end-user authentication using SAML 2.0, go to the Set up SAML guide.

Using a federation service

If you rely on a SAML 2.0 federation service to establish connections with Signicat, you also need to configure Signicat in your federation service. Examples of such federation services are:

  • Microsoft Active Directory Federation Services (AD FS)
  • Oracle Identity Federation (OIF)
  • SimpleSAML, a PHP-based solution developed through a project led by UNINETT in Norway.

The IdP and the other communication parameters between the SP and the IdP should be configured in this SAML 2.0 federation service. After the SAML 2.0 configuration is established, you will need to define the SAML 2.0 configuration in the federation system.
