A company wants to provide its employees with single sign-on (SSO) access to multiple third-party cloud applications. The goal is to have the company's own identity provider (IdP) handle authentication and then pass trusted authentication data to the cloud applications (service providers). Which authentication model fulfills this requirement?
Local user accounts on each service provider
OAuth 2.0 delegated authorization
Security Assertion Markup Language (SAML) federation
Security Assertion Markup Language (SAML) is an open standard designed for federated identity and single sign-on (SSO). It allows an Identity Provider (IdP) to authenticate a user and pass security assertions (XML-based tokens) to a Service Provider (SP), eliminating the need for separate credentials at each application. OAuth 2.0 is primarily an authorization framework, not an authentication protocol. Local accounts are the opposite of SSO, and using a shared secret on each application is not a scalable or standard federation model.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is SAML and why is it used in single sign-on (SSO)?
Open an interactive chat with Bash
What is the role of the identity provider in a SAML setup?
Open an interactive chat with Bash
How is SAML different from other authentication methods like OAuth or OpenID Connect?