Broadly speaking, there are two scenarios in the Web Browser SSO Profile, IDP-initiated SSO and SP-initiated SSO. This diagram introduces the message flows of the IdP-Initiated SSO.

Assertions

1. Authentication statements
2. Attribute statements
3. Authorization decision statements

Protocols

1. Authentication Request Protocol
2. Single Logout Protocol
3. Assertion Query and Request Protocol
4. Artifact Resolution Protocol
5. Name Identifier Management Protocol
6. Name Identifier Mapping Protocol

Bindings

1. HTTP Redirect Binding
2. HTTP POST Binding
3. HTTP Artifact Binding
4. SAML SOAP Binding
5. Reverse SOAP (PAOS) Binding
6. SAML URI Binding

Profiles

• Web Browser SSO Profile
• Enhanced Client and Proxy (ECP) Profile
• Identity Provider Discovery Profile
• Single Logout Profile
• Others