For Group Edition
Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorisation data between parties, in particular, originating from a principal, the messages exchanged between identity provider and a service provider.
The SAML specification defines three roles:
- the principal (typically a human user via a web browser)
- the identity provider (IdP)
- the service provider (SP)
Operoo acts as the service provider. Identity providers can take many forms, one of which is a self-hosted Active Directory Federation Services (ADFS) server.
In the primary use case addressed by SAML, the principal requests a service from the service provider. The service provider requests and obtains an authentication assertion from the identity provider. On the basis of this assertion, the service provider can make an access control decision and decide whether or not to perform the service for the connected principal.
For more information, read this article on Security Assertion Markup Language