SAML Web Browser SSO (IdP-Initiated)

SAML Web Browser SSO (IdP-Initiated)

Broadly speaking, there are two scenarios in the Web Browser SSO Profile, IDP-initiated SSO and SP-initiated SSO. This diagram introduces the message flows of the IdP-Initiated SSO.


  1. Authentication statements
  2. Attribute statements
  3. Authorization decision statements


  1. Authentication Request Protocol
  2. Single Logout Protocol
  3. Assertion Query and Request Protocol
  4. Artifact Resolution Protocol
  5. Name Identifier Management Protocol
  6. Name Identifier Mapping Protocol


  1. HTTP Redirect Binding
  2. HTTP POST Binding
  3. HTTP Artifact Binding
  4. SAML SOAP Binding
  5. Reverse SOAP (PAOS) Binding
  6. SAML URI Binding


  • Web Browser SSO Profile
  • Enhanced Client and Proxy (ECP) Profile
  • Identity Provider Discovery Profile
  • Single Logout Profile
  • Others

Leave a Reply