Not an RFC standard.
Service Provider (SP)
Identity Provider (IdP)
SAML assertions contain:
Authorization decision statements
Assertions can be signed and/or encrypted
SP-initiated sign-in: Triggered when the user tries to access a specific SAML-protected resource directly and the SP redirects the user to the IdP. The context of which specific resource the user requests access to is included.
IdP-initiated sign-in: Triggered when the user visits the IdP and is then redirected to the SP. Since no context is included on which specific resource is being requested, the user will be redirected to a generic landing page on the SP.
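An added example, not part of the original notes: a Python sketch of how an SP can tell the two flows apart when a response arrives and choose where to send the user. It relies on the SAML 2.0 InResponseTo attribute, which is present only when the response answers an AuthnRequest the SP issued. The pending store, the paths and the sample XML are constructed assumptions, and signature validation is assumed to have been done before this step.

```python
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
DEFAULT_LANDING = "/home"  # hypothetical generic landing page on the SP

# Constructed sample responses (assertion and signature omitted for brevity).
SP_INITIATED = (
    f'<samlp:Response xmlns:samlp="{SAMLP}" ID="_r1" '
    'InResponseTo="_req42" Version="2.0"/>'
)
IDP_INITIATED = f'<samlp:Response xmlns:samlp="{SAMLP}" ID="_r2" Version="2.0"/>'


def classify_response(xml_text, pending):
    """Return (flow, landing_path) for an already signature-verified response.

    pending maps the IDs of AuthnRequests this SP issued to the resource the
    user originally asked for (assumed to be kept server-side by the SP).
    """
    # Real deployments should parse untrusted XML with a hardened parser.
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{SAMLP}}}Response":
        raise ValueError("not a SAML Response")

    request_id = root.get("InResponseTo")
    if request_id is None:
        # IdP-initiated: no request context, so use the generic landing page.
        return "idp-initiated", DEFAULT_LANDING

    # SP-initiated: the ID must match a request we sent, and is used only once.
    try:
        resource = pending.pop(request_id)
    except KeyError:
        raise ValueError("InResponseTo does not match an outstanding request")
    return "sp-initiated", resource


if __name__ == "__main__":
    outstanding = {"_req42": "/reports/q3"}
    print(classify_response(SP_INITIATED, outstanding))
    print(classify_response(IDP_INITIATED, outstanding))
```

Rejecting an unknown or reused InResponseTo value keeps a response from being accepted for a request the SP never made.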