myquest1 sh

Reputation: 41

Difference in SAML metadata vs SAML request and response

I am always confused between SAML metadata and the SAML request/response exchanged between SP and IdP in SSO. To me, they look the same, as both are XML files. Can someone tell me the difference between them and how to generate metadata for an SP or IdP?

Thanks

Upvotes: 0

Views: 2256

Answers (1)

Stefan Rasmusson

Reputation: 5595

SAML metadata is information about the parties in a SAML communication. An SP and IdP typically exchange these when first setting up an integration. They contain information about how to communicate with each other. The IdP will send one with endpoints, protocols and keys on its side and the SP will do the same.

So the metadata is exchanged once before any user authentication. When it's time to authenticate a user, the SP looks in the IdP's metadata to understand where and how to send the user to the IdP.

Each user is sent to the IdP using a SAML Authentication Request. Once authenticated, the result of the authentication is sent in a SAML Response.

So, in sum: metadata is sent once to set up the integration. A SAML request/response is sent once per user to authenticate.

I have a post on metadata in more detail: Metadata exchange and trust

Upvotes: 2
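The distinction described in the answer, as an added example that is not part of the original post or any SAML library's own code: it generates minimal SP metadata, reads a constructed IdP metadata document to find the SSO endpoint, and builds a per-user AuthnRequest addressed to it. All `example.com` URLs and entity IDs are constructed, and the `KeyDescriptor` certificates and request signing that real deployments carry are left out.

```python
import uuid
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"

# Constructed IdP metadata: static, exchanged once at integration time.
IDP_METADATA = f"""<md:EntityDescriptor xmlns:md="{MD}" entityID="https://idp.example.com/metadata">
  <md:IDPSSODescriptor protocolSupportEnumeration="{SAMLP}">
    <md:SingleSignOnService Binding="{REDIRECT}" Location="https://idp.example.com/sso/redirect"/>
    <md:SingleSignOnService Binding="{POST}" Location="https://idp.example.com/sso/post"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

def build_sp_metadata(entity_id, acs_url):
    """SP metadata: who the SP is and where responses must be delivered."""
    root = ET.Element(f"{{{MD}}}EntityDescriptor", {"entityID": entity_id})
    sp = ET.SubElement(root, f"{{{MD}}}SPSSODescriptor",
                       {"protocolSupportEnumeration": SAMLP})
    ET.SubElement(sp, f"{{{MD}}}AssertionConsumerService",
                  {"Binding": POST, "Location": acs_url, "index": "0"})
    return ET.tostring(root, encoding="unicode")

def sso_endpoint(idp_metadata_xml, binding=REDIRECT):
    """Look up in the IdP metadata where to send users for this binding."""
    root = ET.fromstring(idp_metadata_xml)
    for svc in root.iter(f"{{{MD}}}SingleSignOnService"):
        if svc.get("Binding") == binding:
            return svc.get("Location")
    raise LookupError(f"IdP metadata has no endpoint for {binding}")

def build_authn_request(idp_metadata_xml, sp_entity_id, acs_url):
    """Per-user message: fresh ID and timestamp on every login attempt."""
    req = ET.Element(f"{{{SAMLP}}}AuthnRequest", {
        "ID": "_" + uuid.uuid4().hex,
        "Version": "2.0",
        "IssueInstant": datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ"),
        "Destination": sso_endpoint(idp_metadata_xml),
        "AssertionConsumerServiceURL": acs_url,
    })
    ET.SubElement(req, f"{{{SAML}}}Issuer").text = sp_entity_id
    return ET.tostring(req, encoding="unicode")
```

The metadata document is the same on every call, while each AuthnRequest carries a new `ID` and `IssueInstant`. Metadata received from a partner should be obtained over a trusted channel or have its signature verified before its endpoints and keys are used.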
