Getting Started with SAML 2.0
SAML is one of the most established SSO protocols, found in many organizations. This course will teach you how SSO using SAML works, how the various request and response messages fit together, and what to look for in a modern SAML implementation.
What you'll learn
A common phrase is that “SAML is dead” and this has been the case for almost a decade. However, SAML continues to be one of the most used Single Sign-On (SSO) protocols around, especially with large enterprises and government institutions. In this course, Getting Started with SAML 2.0, you’ll learn how the SAML protocol works and what to look for in a modern SAML implementation.
First, you’ll explore the basics of SSO and the SAML authentication process.
Next, you’ll take a deep dive into the protocol implementation, understand the various SAML message types, binding types, and how to read SAML metadata.
Finally, you’ll learn how to choose a modern SAML implementation that adheres to current security best practices.
When you’re finished with this course, you’ll have the skills and knowledge of SAML needed to integrate with a SAML identity provider or service provider, and how to debug your way out of any SAML integration issue.
Table of contents
- Introduction 1m
- The SAML Web SSO Profile 4m
- SAML Authentication Requests 9m
- SAML Responses & Assertions 9m
- The SAML NameID 2m
- XML Digital Signatures 6m
- SAML Redirect Binding 3m
- SAML POST Binding 1m
- SAML Artifact Binding 5m
- Single Logout (SLO) 3m
- The Trickiness of Single Log Out (SLO) 3m
- SAML Metadata 5m
- Demo: Example Integration 4m
- Summary 1m
About the author
Scott Brady is a software developer specializing in identity and access management. Focusing on ASP.NET, Scott has increasingly found himself in undocumented territory, piecing together the facts and attempting to pass them on so that others don't have to go through the same. Scott currently work as a Senior Software Engineer for Rock Solid Knowledge and is a contributor to the IdentityServer OSS project, the leading OpenID Connect and OAuth framework for .NET.