Revision as of 18:06, 31 July 2024 edit 2404:160:8304:11d:17e7:5d23:f890:f5cd (talk) CCBY-SA 4.0 Tags: Reverted Visual edit ← Previous edit		Revision as of 00:02, 1 August 2024 edit undo Mindmatrix (talk \| contribs) Autopatrolled, Administrators 188,542 edits m Reverted edit by 2404:160:8304:11D:17E7:5D23:F890:F5CD (talk) to last version by Mindmatrix Tag: Rollback Next edit →
Line 16: Before delivering the subject-based assertion from IdP to the SP, the IdP may request some information from the principal—such as a user name and password—in order to authenticate the principal. SAML specifies the content of the assertion that is passed from the IdP to the SP. In SAML, one identity provider may provide SAML assertions to many service providers. Similarly, one SP may rely on and trust assertions from many independent IdPs.{{Citation needed\|date=September 2023}} SAML does not specify the method of authentication at the identity provider. The IdP may use a username and password, or some other form of authentication, including [[~~Multi-factor authentication fatigue attack\|~~multi-factor authentication]]. A directory service such as [[RADIUS]], [[Lightweight Directory Access Protocol\|LDAP]] or [[Active Directory]] that allows users to log in with a user name and password is a typical source of authentication tokens at an identity provider.<ref name="92xv0">{{cite web\|url=http://www.informationweek.com/software/information-management/saml-the-secret-to-centralized-identity-management/d/d-id/1028656? \| title=SAML: The Secret to Centralized Identity Management \|publisher=InformationWeek.com \|date=2004-11-23 \|access-date=2014-05-23}}</ref> The popular Internet social networking services also provide identity services that in theory could be used to support SAML exchanges. == History ==

Security Assertion Markup Language: Difference between revisions