Hello there!

Need Help? We are right here!

support
miniOrange Support

Thanks for your inquiry.
One of our representatives will get in touch with you shortly via email.

SAML - Security Assertion Markup Language
miniOrange acts as an identity provider and lets an enduser login to access services provided by service provider.

What is SAML?

Security Assertion Markup Language (SAML) is an XML standard that allows secure web domains to exchange user authentication and authorization data. Using SAML, an online service provider (SP) can contact a separate online identity provider to authenticate users who are trying to access secure content.

Why SAML?

Benefits of using SAML:

SAML Single Sign-On (SSO) FLOW:


saml-sso


SAML Assertion

Identity Provider sends the XML document (SAML Assertion) to the service provider (SP) which contains the user authorization.
There are three different types of SAML Assertions –

An assertion consists of one or more statements. For single sign-on, a typical SAML assertion will contain a single authentication statement and possibly a single attribute statement. Note that a SAML response could contain multiple assertions, although its more typical to have a single assertion within a response.

The SAML specification defines three roles:

In the use case addressed by SAML, the principal requests a service from the service provider. The service provider requests and obtains an identity assertion from the identity provider. On the basis of this assertion, the service provider can make an access control decision - in other words it can decide whether to perform some service for the connected principal.

Let us take an example to show you how to configure miniOrange Self-Service Console as a service provider by accepting a SAML assertion generated by the miniOrange IDP.

Also, you can configure miniOrange Self-Service Console as a service provider (SP) with Other Identity Providers (IDPs) like Okta, OneLogin, Azure AD, Auth0 etc.

SAML vs. OAuth

OAuth is a slightly newer standard that was co-developed by Google and Twitter to enable streamlined internet logins. OAuth uses a similar methodology as SAML to share login information. SAML provides more control to enterprises to keep their SSO logins more secure, whereas OAuth is better on mobile and uses JSON.Facebook and Google are two OAuth providers that you might use to log into other internet sites.