Salesforce Developer Security Authentication Saml

salesforce-developer-security

// Salesforce - Developer - Security - SAML:

In Salesforce, federated authentication employs SAML (Security Assertion Markup 
Language) which provides a secure, XML-based solution for exchanging user 
security information between two parties. Currently, there are 2 versions of 
SAML supported by Salesforce: 1.1 and 2.0. By default Salesforce uses SAML 
Version 2.0 because it includes many more features and allows for multiple 
configurations within Salesforce. In this course we will only discuss 2.0, but 
the basic concepts for 1.1 are the same. 

The SAML assertion is the message sent by the identity service that the 
recipient uses for authentication. It provides several strong security features 
such as:

1. All the details of the authentication request are contained in the SAML 
   assertion. 

2. The SAML assertion includes an expiration field so the assertion is not good 
   forever.

3. The details of the assertion are cryptographically validated so that no 
   ampering of the message can take place.

4. A certificate / public key is included in the message so the authentication 
   of the identity service can be validated by the recipient for each request.
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License