PrepAway - Latest Free Exam Questions & Answers

Is this directly supported by SAML?

A web startup wants to implement single sign-on where its customers can log on to the site by
suing their personal and existing corporate email credentials regardless of which company they
work for. Is this directly supported by SAML?

PrepAway - Latest Free Exam Questions & Answers

A.
Mo not without extensive partnering and API integration with all required email providers

B.
Yes SAML is a web based single sign-on implementation exactly fir this purpose

C.
No a better approach would be to use required email providers LDAP or RADIUS repositories

D.
Yes SAML can use oauth2 to provide this functionality out of the box

Explanation:

One Comment on “Is this directly supported by SAML?

  1. meac says:

    DEFINITIONS:
    Application Program Interfaces (APIs), which are tools that make it possible to manage software applications. While invisible to end users, APIs are essential for communication between programs.

    The Security Assertion Markup Language (SAML), is an open standard that allows security credentials to be shared by multiple computers across a network. It describes a framework that allows one computer to perform some security functions on behalf of one or more other computers:
    • Authentication: Determining that the users are who they claim to be
    • Authorization: Determining if users have the right to access certain systems or content

    Strictly speaking, SAML refers to the XML variant language used to encode all this information, but the term can also cover various protocol messages and profiles that make up part of the standard.

    SAML is also:
    • A set of XML-based protocol messages
    • A set of protocol message bindings
    • A set of profiles (utilizing all of the above)
    The single most important use case that SAML addresses is web browser single sign-on (SSO). Single sign-on is relatively easy to accomplish within a security domain (using cookies, for example) but extending SSO across security domains is more difficult and resulted in the proliferation of non-interoperable proprietary technologies. The SAML Web Browser SSO profile was specified and standardized to promote interoperability.[2] (For comparison, the more recent OpenID Connect protocol[3] is an alternative approach to web browser SSO.)

    How SAML Works
    SAML SSO works by transferring the user’s identity from one place (the identity provider) to another (the service provider). This is done through an exchange of digitally signed XML documents.

    So my money is on B- Yes SAML is a web based single sign-on implementation exactly for this purpose
    In addition to that, SAML does not require the use of API for integration as far as I can see




    0



    0

Leave a Reply