Business Strategy Execution
Specializing in Technology and Operations
SAML – Simply Explained
Security Assertion Markup Language, or SAML, is a standardized way to use a centralized directory of users, like Azure Active Directory, to securely allow access to external applications and services. SAML makes single sign-on (SSO) with external applications and service possible. SAML is an interoperable standard — it is a widely accepted way to communicate a user's identity to cloud service providers.
Below is a diagram that demonstrates the SAML authentication process.
A user accesses a cloud application, like a CRM, that requires them to login.
The application is configured to send a SAML authentication request to an Identify Provider like Microsoft Azure Active Directory (AAD).
AAD prompts the user for their credentials – username, password, and possibly Multi-Factor Authentication (MFA) like a PIN from an app on their smartphone.
The user enters their credentials to be validated by AAD.
AAD validates the credentials and sends a confirmation to the application.
The user is granted access to the requested application or services.