I'm working on and off on WS-FED, SAML protocols by supporting federation products, but today i got more clarity then ever, even though i was working on it but got the best clarity today.... Thanks man for such a simple and impact-full video...
I am a cloud Identity support with Microsoft. I am regularly watching your videos so that I can build a flowchart to help me troubleshoot authentication/tokens based issues. THANKS A LOT!! 🙏🏻
It helped a lot thanks.@@ConceptsWork Could you please make a video on "implementing SSO using SAML standard on Azure Active Directory". SAML has always been a confusing topic among people. I believe, your explanation will make it simple.
Are there any prerequisite videos that will explain every jargon and explanation from the grassroots level to understand these concepts for federations and the rest of the protocol? TIA
Very good concepts, but i confused here ! which one shold we refer WS-Fed, SAML,SAMLP, Oauth, Oauth2, Opeidconnect could you please create seriese on this topic please? i personally highloy appriciate your skills and knoledge.
This completely depends upon your requirements, but if I say according to me SAML is more interoperable as compared to WS-Fed and even more secure. Infact, SAML is more widely used as compared to WS-Fed.
I have a question, How an application will know which authentication method should be presented to the user? Do we have to do any configuration at the application end.
Sir, one doubt 11:48 When the user webpage gets redirected to Identity provider, The Identity provider returns a response to the user's web page and this is in-turn sent back to the application ? (OR) The Identity provider sends the response directly to the application (with no user's browser involved) ? Can you please clarify, I am little lost here..
Identity provider sends a response for application, its is the browser because of which all the communication is possible, that's why this kind of flow is called passive auth flow.
This explanation and your scheme can be very confusing for newcomers and make a lot of misunderstanding. The application does not communicate directly with the IdP, but from your picture it seems that this is exactly the case. In fact, the application sends a response back to the client (browser), and then the client (browser) makes a separate request to the IdP for authentication. The IdP in turn returns the token in the response body back to the browser, simultaneously redirecting the client back to the application.
The intent was to explain how the interaction works and protocol differences, there is a dedicated video explaining active and passive flows, thats why i have used browser icons. However thanks for being so specific with the feedback. Also if you have sometime, please watch microsoft zero trust for identity and share your thoughts.
I'm working on and off on WS-FED, SAML protocols by supporting federation products, but today i got more clarity then ever, even though i was working on it but got the best clarity today.... Thanks man for such a simple and impact-full video...
I am a cloud Identity support with Microsoft. I am regularly watching your videos so that I can build a flowchart to help me troubleshoot authentication/tokens based issues. THANKS A LOT!! 🙏🏻
Great to hear!
So much clear on concepts
Subscribed.. Your content is invaluable to me right now and THANK YOU ! for making it. SERIOUSLY!
Just superb! All your videos are so concise and crisp! Well done, please keep assisting with such videos.
Such a clear-headed guy. you made it so simple
Glad it helped 😊
It helped a lot thanks.@@ConceptsWork
Could you please make a video on "implementing SSO using SAML standard on Azure Active Directory". SAML has always been a confusing topic among people. I believe, your explanation will make it simple.
Very crystsl clear and nicely explained with confident voice 👌.
Thanks and welcome
Much useful. Looking forward for more videos
Very Well explained! All your videos are so concise and crisp ! Well done, please keep assisting with such videos.
Glad you like them!
Great job my friend! you did it in a simple to understand way and grasping the concept became easy due to this. many thanks to you for doing this!
Glad you liked it!
Good video! I didnt need to get in-depth with the parameters, but this is a good explanation of federation/ws-fed/saml. Thanks!
Really useful topics and very well explained in all of these videos. Its a GREAT job..
Glad you think so!
Very Concise , Great Videos !!
Thank you very nice comparison! Keep up the good work!
Beautifully Explained
Can't thank you enough for this video.
liked before watching, you're awesome!!
Thank you so much for your explanation. You are a great teacher :D
Another great video.
May I know if you’re gonna start a series on Azure iaas, all your videos are awesome 👏
Are there any prerequisite videos that will explain every jargon and explanation from the grassroots level to understand these concepts for federations and the rest of the protocol? TIA
Fantastic, best explanation I’ve heard
Glad it was helpful!
Thank you very much dear Sir. Lot of respect for this very very important and to the point explanation.
Salute to you Sir.
Thanks and welcome
Clear and concise!
Awesome video.
Hi, please Cover topic on Custom claim rule to add IP ranges in regex format.
very nice, thanks! I economized a lot of research time with your video ;)
Glad it helped!
I love your Videos,they are the Best :-)
Glad you like them!
Excellent explanation.
Excellent, very well explained.
Glad it was helpful!
Very good concepts, but i confused here ! which one shold we refer WS-Fed, SAML,SAMLP, Oauth, Oauth2, Opeidconnect could you please create seriese on this topic please? i personally highloy appriciate your skills and knoledge.
Nice video..thank you.
Thank you so much for sharing this
Wow crisp
Nice one. Could you give some real-time examples of when to use WS-FED and when to use SAML? Is this decision based on on-premise configurations?
This completely depends upon your requirements, but if I say according to me SAML is more interoperable as compared to WS-Fed and even more secure.
Infact, SAML is more widely used as compared to WS-Fed.
I have a question, How an application will know which authentication method should be presented to the user? Do we have to do any configuration at the application end.
Sir, one doubt 11:48
When the user webpage gets redirected to Identity provider, The Identity provider returns a response to the user's web page and this is in-turn sent back to the application ?
(OR) The Identity provider sends the response directly to the application (with no user's browser involved) ?
Can you please clarify, I am little lost here..
Identity provider sends a response for application, its is the browser because of which all the communication is possible, that's why this kind of flow is called passive auth flow.
This explanation and your scheme can be very confusing for newcomers and make a lot of misunderstanding.
The application does not communicate directly with the IdP, but from your picture it seems that this is exactly the case.
In fact, the application sends a response back to the client (browser), and then the client (browser) makes a separate request to the IdP for authentication.
The IdP in turn returns the token in the response body back to the browser, simultaneously redirecting the client back to the application.
The intent was to explain how the interaction works and protocol differences, there is a dedicated video explaining active and passive flows, thats why i have used browser icons. However thanks for being so specific with the feedback. Also if you have sometime, please watch microsoft zero trust for identity and share your thoughts.
Great video. Subscribe and thumb up!