Which option correctly describes an SP-initiated SSO SAML packet flow for a host without a SAML assertion?
A.
Principal contacts identity provider and authenticates, identity provider relays principal to service provider after valid authentication
B.
Service provider contacts identity provider, identity provider validates principal for service provider, service provider establishes communication with principal
C.
Principal contacts identity provider and is redirected to service provider, principal establishes connection with service provider, service provider validates authentication with identity provider
D.
Principal contacts service provider, service provider redirects principal to identity provider, after successful authentication identity provider redirects principal to service provider
In SP-initiated SSO, the principal (user) first attempts to access the service provider. The service provider redirects the principal to the identity provider for authentication, and upon successful authentication, the identity provider redirects the principal back to the service provider with the SAML assertion.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit