Introduction - SAML SSO

Security Assertion Markup Language (SAML) - Overview

SAML is an XML-based standard for web browser single sign-on (SSO) that eliminates application-specific passwords. SAML uses single-use, expiring, digital tokens to exchange authentication and authorization data between an Identity Provider (IdP) and Service Provider (SP) that have an established trust relationship.

How SAML Works

SAML provides a secure, XML-based solution for exchanging user security information between an identity provider (your company) and a service provider (adeptia.com). There are three roles involved:

  • an identity provider (the asserting party),
  • a service provider (the relying party relying on the assertion), and
  • a user (the subject of the assertion).

The identity provider is the authority system that holds information about users. The service provider is the system, in this case adeptia.com, that trusts the identity provider's user information, and uses the data to provide access to the service or application. The user and their identity combined are known as the subject.

The IdP stores information about the user in a database. The user connects to the SP, and the SP delegates the authentication request to the IdP. The IdP validates the user against its identity database and then sends a SAML assertion about that user to the service provider. The SP then gives the user access to the application.


  1. Create users in Adeptia and in the company's IdP server with the same name.
  2. The company's user accesses the Adeptia login page, and Adeptia calls the company's IdP via SAML for authentication.
  3. If the user is already logged into the company's IdP, Adeptia receives a SAML response with the logged-in User ID.
  4. Adeptia takes the User ID, fetches the user's information from Adeptia User Management, and logs the user into Adeptia.
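The following is an added example, not Adeptia's code, of the SP-side checks behind steps 3 and 4: it enforces the "single-use, expiring" properties described in the overview, checks the audience (a standard SAML condition that goes beyond what this page covers), and then maps the asserted User ID to a local account. It assumes the assertion's signature has already been verified by a SAML library; the SP entity ID, the user store and all function names are hypothetical.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Constructed sample assertion (not captured from a real IdP). Assumption:
# its XML signature was already verified by a SAML library before this point.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_a1" Version="2.0" IssueInstant="2024-01-01T12:00:00Z">
  <saml:Subject><saml:NameID>jdoe</saml:NameID></saml:Subject>
  <saml:Conditions NotBefore="2024-01-01T11:59:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
    <saml:AudienceRestriction><saml:Audience>https://sp.example.com</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions>
</saml:Assertion>"""
LOCAL_USERS = {"jdoe": {"group": "integration"}}  # hypothetical SP user store

def _ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def accept_assertion(xml_text, now, sp_entity_id, seen_ids, users):
    """Return the local user record, or raise ValueError if the token is unusable."""
    a = ET.fromstring(xml_text)
    cond = a.find("saml:Conditions", NS)
    name_id = a.find("saml:Subject/saml:NameID", NS)
    if cond is None or name_id is None or not a.get("ID"):
        raise ValueError("malformed assertion")
    # Expiring: this example requires both bounds and rejects anything outside them.
    start, end = cond.get("NotBefore"), cond.get("NotOnOrAfter")
    if not (start and end and _ts(start) <= now < _ts(end)):
        raise ValueError("assertion outside validity window")
    # Audience: the assertion must be addressed to this SP, not another one.
    audiences = [e.text for e in cond.findall("saml:AudienceRestriction/saml:Audience", NS)]
    if sp_entity_id not in audiences:
        raise ValueError("wrong audience")
    # Single-use: an assertion ID that was already accepted is a replay.
    if a.get("ID") in seen_ids:
        raise ValueError("replayed assertion")
    seen_ids.add(a.get("ID"))
    # Step 4: the asserted User ID must match an account that exists locally.
    user = users.get((name_id.text or "").strip())
    if user is None:
        raise ValueError("no matching local user")
    return user
```

In production the `seen_ids` cache must be shared across SP nodes and only needs to retain an ID until that assertion's `NotOnOrAfter` has passed.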