that is, an unsolicited element is transmitted from the identity provider to the service provider (via the browser). (The prefix samlp: denotes the SAML protocol namespace.)

In SAML 2.0, however, the flow begins at the service provider who issues an explicit authentication request to the identity provider. The resulting Authentication Request Protocol is a significant new feature of SAML 2.0.

When a principal (or an entity acting on the principal's behalf)

1.Previous
3.Next