- Stores and manages digital identities
- it’s a core component of identity and access systems
- to handle authentication
Identity providers
- Active Directory
- Okta
- Auth0
- etc…
SAML
- when you try to access a Service Provider (a service that needs to authenticate/authorize you)
- it redirects to your organization's IdP
- the IdP authenticates you (user/password) and issues a SAML assertion (a digitally signed XML document)
- this assertion contains your authentication status and attributes (email, roles etc…)
- the IdP sends this assertion to the service → the service grants you access