Broadly speaking, there are two scenarios in the Web Browser SSO Profile, IDP-initiated SSO and SP-initiated SSO. This diagram introduces the message flows of the IdP-Initiated SSO.
Assertions
- Authentication statements
- Attribute statements
- Authorization decision statements
Protocols
- Authentication Request Protocol
- Single Logout Protocol
- Assertion Query and Request Protocol
- Artifact Resolution Protocol
- Name Identifier Management Protocol
- Name Identifier Mapping Protocol
Bindings
- HTTP Redirect Binding
- HTTP POST Binding
- HTTP Artifact Binding
- SAML SOAP Binding
- Reverse SOAP (PAOS) Binding
- SAML URI Binding
Profiles
- Web Browser SSO Profile
- Enhanced Client and Proxy (ECP) Profile
- Identity Provider Discovery Profile
- Single Logout Profile
- Others