Last Updated: November 21, 2025
SAML Flow
| Actor | Role |
|---|---|
IdP
|
Authenticate user |
SP
|
Consume assertion |
Browser
|
Relay state |
Commands
Validate signature
Ensure integrity
Check Audience
Match SP
Map attributes
Populate profile
Tips
Use discovery service, keep logouts coordinated, and document metadata versions.
💡 Pro Tip:
Rotate certificates, validate audience/issuer, and limit assertion lifetimes.