McDewey

Multi-vendor documentation library · semantic search · MCP endpoint at /mcp

Page 19

↗ View in doc context
page
19
source
cucm/v15/saml-sso/saml-sso.md
chunk_id
cucm::v15::saml-sso::saml-sso::15

Although Cisco Collaboration infrastructure may prove to be compatible with other IdPs claiming SAML 2.0 compliance, only the following IdPs have been tested with Cisco Collaboration solutions: • OpenAM 10.0.1 • Microsoft ® Active Directory ® Federation Services 2.0, 3.0, 4.0, and 5.0 • Microsoft Entra ID • PingFederate ® 6.10.0.4 • F5 BIG-IP 11.6.0 • Okta 2017.38 SAML Components A SAML SSO solution is based on a particular combination of assertions, protocols, bindings, and profiles. The various assertions are exchanged among applications and sites using the protocols and bindings, and those assertions authenticate the users among sites. The SAML components are as follows: • SAML Assertion: It defines the structure and content of the information that is transferred from IdPs to service providers. It consists of packets of security information and contains statements that service providers use for various levels of access-control decisions. SAML SSO provides the following types of statements: • Authentication statements- These statements assert to the service provider about the method of authentication that occurs between the IdP and the browser at a particular time. • Attribute statements- These statements assert about certain attributes (name-value pairs) that are associated with the user. The attribute assertions contain specific information about the user. The service providers use attributes to make access-control decisions. • SAML protocol: A SAML protocol defines how the SAML requests for and gets assertions. This protocol is responsible for the SAML request and response elements that consist of certain SAML elements or assertions. The SAML 2.0 contains the following protocols: • Assertion Query and Request Protocol • Authentication Request Protocol • SAML binding: A SAML binding specifies the mapping of SAML assertion and/or protocol message exchanges with standard messaging formats or communication protocols like SOAP exchanges. Unified Communications 10.0 supports the following SAML 2.0 bindings: • HTTP Redirect (GET) Binding • HTTP POST Binding • SAML profile: A SAML profile provides a detailed description of the combination of SAML assertions, protocols, and bindings to support well-defined use cases. Unified Communications 10.0 supports the SAML 2.0 Web Browser SSO Profile. SAML SSO Deployment Guide for Cisco Unified Communications Applications, Release 15 and SUs 9 SAML-Based SSO Solution SAML Components