Discuss this help topic in SecureBlackbox Forum
Authenticate a client on IdP
When a protected resource is requested by a client via its user agent (typically a web browser), the Service Provider (SP) issues an authentication request to the Identity Provider (IdP). This request is delivered to the IdP via the client's user agent using one of SAML bindings. The IdP identifies the client ('principal' in SAML terms) and prepares a response to be sent to the SP. The identification of the principal may be accomplished in a number of ways, for example via an HTML FORM. Upon receip of the response, the SP makes a decision whether to allow access to the requested resource, or not.
All steps described above do not involve direct interaction with the client, except when the login credentials must be entered manually.
