SAML Concepts - Profile: Difference between revisions
Jump to navigation
Jump to search
Line 23: | Line 23: | ||
* [[SAML Name Identifier Management Profile|Name Identifier Management Profile]] | * [[SAML Name Identifier Management Profile|Name Identifier Management Profile]] | ||
* Name Identifier Mapping Profile | * Name Identifier Mapping Profile | ||
* Attribute Profiles: | * Attribute Profiles (rules for mapping attributes expressed in SAML to another attribute representation system): | ||
** [[SAML Basic Attribute Profile|Basic Profile]] | ** [[SAML Basic Attribute Profile|Basic Profile]] | ||
** [[SAML X.500/LDAP Attribute Profile|X.500/LDAP Profile]] | ** [[SAML X.500/LDAP Attribute Profile|X.500/LDAP Profile]] |
Latest revision as of 19:18, 21 February 2017
External
Internal
Overview
A profile is essentially a use case for SAML. A profile combines assertions, protocols and bindings to support specific use cases. For example, the Web Browser SSO Profile specifies how SAML authentication assertions are communicated between an Identity Provider and Service Provider to enable single sign-on for a browser user.
More formally, the SAML profile defines a set of rules and guidelines for how to embed SAML assertions into, and extract them from, a protocol or other context of use.
SAML Profiles
- Web Browser Single Sign-On Profile
- Enhanced Client and Proxy (ECP) Profile
- Identity Provider Discovery Profile
- Single Logout Profile ("Single Logout")
- Assertion Query/Request Profile
- Artifact Resolution Profile
- Name Identifier Management Profile
- Name Identifier Mapping Profile
- Attribute Profiles (rules for mapping attributes expressed in SAML to another attribute representation system):
- SAML Token Profile