SAML - Security Assertion Markup Language
SAML, developed by the Security Services Technical Committee of the Organization for the Advancement of Structured Information Standards (OASIS), is an XML-based framework for exchanging user authentication, entitlement, and attribute information. SAML is a derivative of XML. The purpose of SAML is to enable Single Sign-On for web applications across various domains.
SAML is supported for paid organizations that host their domain through Zoho Mail. An organization administrator can configure the SAML URL and the public key for the organization. When a user in the organization logs in with the custom URL, say mail.yourdomain.com, the request is redirected to the configured SAML URL or the IDP provided, for the SAML request and login validation.
The IDP validates the authentication details and returns a SAML response, specific to the user, to Zoho. If the response is successful, the user is authenticated in Zoho and the session is initiated.
SAML Registration Process:
The configuration details for SAML are generally provided by the third-party provider or a SAML-supported system like Active Directory.
The parameters required for SAML configuration include:
Login URL: The URL to which all the organization's users are redirected for custom authentication.
Logout URL: The URL to which users are redirected when they sign out of Zoho services under SSO.
Change password URL: The Identity Provider's password reset URL, which is called when the user tries to reset the password in Zoho.
Public key: The key used to decode the response message sent by the Identity Provider. Save the key in a text file and upload it to configure SAML for the organization.
Once you have set up SAML with the details provided by the SAML provider, you need to log in using your custom URL for authentication. This automatically redirects your authentication to your provider.
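A pre-upload check of the four parameters listed above, as an added example that is not Zoho's code: it flags endpoint URLs that are not HTTPS and a key file that is not a single public PEM block, including the case where a private key was saved by mistake. The dictionary key names, the HTTPS requirement, the accepted PEM labels and the idp.example.com values are assumptions made for this example.

```python
import base64
import re
from urllib.parse import urlparse

# Constructed sample: a 5-byte DER placeholder, not a real key.
SAMPLE_PEM = "-----BEGIN PUBLIC KEY-----\nMAMCAQA=\n-----END PUBLIC KEY-----\n"
PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)\s*-----END \1-----", re.S)
PUBLIC_LABELS = {"PUBLIC KEY", "RSA PUBLIC KEY", "CERTIFICATE"}  # assumed accepted forms

def check_url(name, url):
    """Return problems found in one identity-provider endpoint URL."""
    parts = urlparse(url)
    problems = []
    if parts.scheme != "https":  # hardening check added here, not a rule from the page
        problems.append(f"{name}: expected https, got {parts.scheme or 'no scheme'!r}")
    if not parts.hostname:
        problems.append(f"{name}: no host name")
    return problems

def check_key_file(text):
    """Return problems found in the text file that will be uploaded as the public key."""
    blocks = PEM_RE.findall(text)
    if len(blocks) != 1:
        return [f"public key: expected exactly one PEM block, found {len(blocks)}"]
    label, body = blocks[0]
    if "PRIVATE KEY" in label:
        return ["public key: file holds a PRIVATE key, which must stay with the IdP"]
    if label not in PUBLIC_LABELS:
        return [f"public key: unexpected PEM label {label!r}"]
    try:
        der = base64.b64decode("".join(body.split()), validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return ["public key: body is not valid base64"]
    if not der or der[0] != 0x30:  # keys and certificates are DER SEQUENCEs
        return ["public key: decoded data is not a DER structure"]
    return []

def check_saml_config(cfg):
    """Check the four parameters listed above; the keys of cfg are hypothetical names."""
    problems = []
    for name in ("login_url", "logout_url", "change_password_url"):
        problems += check_url(name, cfg.get(name, ""))
    return problems + check_key_file(cfg.get("public_key_pem", ""))

if __name__ == "__main__":
    cfg = {"login_url": "https://idp.example.com/saml/login",  # constructed values
           "logout_url": "http://idp.example.com/saml/logout",
           "change_password_url": "https://idp.example.com/password",
           "public_key_pem": SAMPLE_PEM}
    print(check_saml_config(cfg))
```

The check covers only the form of the file; whether the key actually belongs to your identity provider still has to be confirmed against the provider's own metadata.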