SAML (Security Assertion Markup Language), developed by the Security Services Technical Committee of the Organization for the Advancement of Structured Information Standards (OASIS), is an XML-based framework for exchanging user authentication, entitlement, and attribute information. SAML is a derivative of XML. The purpose of SAML is to enable Single Sign-On for web applications across various domains and services.
Organizations set up in Zoho can configure and use SAML as their authentication mechanism. The organization administrator can configure SAML using the SAML URLs and the public key provided by the SAML service they have chosen. The administrator also needs to configure the 'custom URL' that their domain users will use to log in.
When a user accesses the custom URL, the user is redirected to the configured SAML URL for login and validation. After validating the login, the Identity Provider (IDP) returns a SAML response specific to the user. The SAML response is decoded based on the certificate file uploaded in Zoho.
If the response indicates successful authentication, the user session is initiated in Zoho.
The configuration details for SAML are provided by the third-party Identity Provider (IDP) or by a SAML-supported system such as Active Directory.
The parameters required for SAML configuration include:
Login URL: The URL to which all organization users are redirected for custom authentication.
Logout URL: The URL to which users are redirected when they sign out from Zoho services under SSO.
Change password URL: The Identity Provider's password reset URL, which is called when the user tries to reset the password in Zoho.
Public key: The key used to decode the response message sent by the Identity Provider. Save the key in a text file and upload it to configure SAML for the organization.
Once you have set up the SAML process with the details provided by the SAML provider, you need to log in using your custom URL for authentication. This automatically redirects your authentication to your provider.