Authenticating with SAML¶
- SAML Authentication Process Overview
- Identity Provider Initiated SSO
- Service Provider Initiated SSO
- Single Log Off
- Identity Provider Initiated SLO
- Service Provider Initiated SLO
- Configuring SAML at the System Level
- SAML Admin
- Configuring SAML at the Instance Level
- SAML Configuration Reference
The SAML (Security Assertion Markup Language) adapter provides Single Sign On (SSO) and Single Log Off (SLO) in your deployment. SAML works by using Identity Providers (IdP) and Service Providers (SP):
Identity Provider: A trusted system that provides single sign-on for users to access other websites.
Service Provider: A website that hosts applications and grants access only to identified users with proper credentials.
Liferay DXP instances can serve as either Service Provider (SP) or Identity Provider (IdP).
A single Liferay DXP instance is either the SP or the IdP in your SSO setup; it can’t be both. You can, however, use separate instances for both purposes (for example, one instance is the SP and another is the IdP).
You can jump right to configuring SAML or learn how it works: