A Developer's Guide to SAML

This was fantastic! There are too many people out there attempting to post technical instructional videos who don't really have an in depth understanding of the material, or don't know how to explain it. This was a rare find. Thanks for posting!

It's the best video that explains the whole story of SAML. The extraordinary part is explaining "Most common weak points" start from 17:32!

Best thing I found on RUclips for SAML security audit. Thank you very much for detailed information about SAML including the flows.

Okta's technical guides around identity never disappoint!

THE BEST video for developers to keep things secure!

This is the best lecture I have seen including school to online tutorials, I love you!!!

I know this video is old but it's still chock full of information. Thank you for the video sir.

understood SAML from developers' view at last.... very easily... thank you 🦃

Amazing, thank you for all the work you do!

Very well organized guide and superbly presented. You are excellent teacher. Thank you.

Best ever video on SSO... Simply love it

Awesome effort . Very good. Thank you for spending the time to make this presentation

Thank you so much for this. Amazing explanation !

Great, beneficial introduction to SAML, thanks!

Best video on SAML ever!
Kind had to grin at 7:02 where he talks about the convenience feature of saml metadata! Real shame that okta lacks the upload SP metadata feature ;-) this is quite standard for other IDPs

Wow, such a great video. I just wanted to know about SAML and IdP workflow but this was so well explained and entertaining that I had to watch it until the end.

Best explanation... Thank you.

Concepts clearly told and upto Point, Could You do couple of more Videos on QnA involving guys to spend some time along revolving around common Usecases specific to Vendors.

Nice work, Nick!

Amazing video, very clearly explained

Awesome explanation, thanks a lot! Now I understand better this flow!

Great explanations regarding SAML like it.

Nice once. The concept is clear now.
Can you do a video on SAML + NodeJs

Really great explanation! Thank you so much!

very nice, thanks for taking the time!

hello thanks for the explanation it was very helpful i want to know how to configure a saml with a loadbalancer i had problem that the load balancer doesn't sign on the SPs

OktaDev videos are the best ever in explaining the concepts! ❤
Would have been much better if you have explained SAML bindings

Correct me if I'm wrong, but as I understand it SSO only happens when a user performs an Identity Provider Initiation. By providing your credentials to the Identity Provider once, the Identity Provider can send SAML responses toward any application or service you're trying to use.
However, if as a user you're required to start the SAML process with the Service Provider first (Service Provider Initiation), then a SAML Request is sent to the Identity Provider who in turn returns a SAML Response. This interaction is only valid for that one, specific Service Provider, not all Service Providers, meaning that you'd have to repeat this login process again for any other application you might want to use.
In other words, for any Service Provider that requires you to begin the authentication process with itself first, you're going to be redirected somewhere to provide your login credentials. If you have 3 Service Providers asking to begin the process with each of them, then you're not really participating in a Single-Sign-On experience -- Is this correct?

Good video. Could you show viewing and debugging SAML requests/responses in Chrome or FF. Also can you show some examples of claims rules.

Perfect explanation, thanks!

thats what I am looking for..perfect explanation

Awesome explanation!

This has been very helpful!!!

Excellent Sir !

@OktaDev,
In 'Limit the XML Parser" , is the sub heading 'Disable Document Type Definition (DTD) Fetching' wrong and ought to be 'Document Type Definition (DTD) Fetching? ( Felt like that from context )

Amazing explanation 🙇‍♂️

Very well explained. Thanks

Really useful video!
Thanks a lot

Excellent Video. TBH! i was confused earlier on how to read a SAML response.

Simply Superb

@oktadev is there a difference between calculation digest value for saml version 1.0 and 2.0?

Excellent video.

Good one. Thank you.

Fantastic video!

Totally worth it.

Very clear, thanks a lot for that!

How would this change when using a CLP (Central Login Page) external to all of this

Thanks

Fantastic!

very well explained

Very clear

This is the best video explaining SAML

Http artifect binding in SAML , can u explain real use case and which kind of attack gets eliminated and how to use it

Sir can u clarify that all the SP - IP communication is via client browser and not directly between the two parties. Or is there a back channel between the two parties in addition to the client as the intermediary.

Just great awesome explanation

20:58 This could also be mitigated by making sure all the assertions in the SAML response are signed, right?

How to generate SAML request xml? Should the developer of the application generate and supply value on the xml tags?

Great video thank you, well done. However i do have to disagree with you on one thing, using a SSO may be more convenient but it is less secure. The best security IMO is to keep PW under personal care and just find a way to remember them. This is less convenient but the fewer parts involved in security validation the better. It is similar to telling noone your password vrs telling 5 friends with the promise they wont tell anyone. Security is only as good as the weakest link and the more links involved the less secure IMO. I code for SSO but i do not use SSO personally. Each of us must make the choice based on convenience.

Terrific!

thank you so much, grand respect.

Thanks you so much, for explain SAML

Thank you, this is gold

Excellent explanation, thanks. I finnaly understand SAML and difference beetwen this protocol and OAuth/OpenId Connect. I alse recommend watch video about OAuth/OpenId Connect by Nate Barbettini in this chanell

very very very good one

now i understand! great explanation. do you have a video using simpleSamlPhp? thanks in advance

Hi sir, but how system is passing the username / email id in request to validate at IDP

I love u man.
Thanks to you, I'll probably get a better job. I'll keep you updated

great guide - thanks for video

Clean and perfect 🔥

In a project that I'm working in, I want to redirect the user to Azure for validating the user, for that how do I redirect him to Azure and generate SAML SSO authentication req?
How do I generate this XML req in code, didn't find any resources regarding this
Any help would be great. Thanks

i like the security part of the vedio

Good explanation.

Identity Provider means that all users has to be registered there with actual credentials?

simply Wow!!!

why do we need to have user profile at Service provider? I am under the assumption that all user details are only in IDP, and not in SP. why do we need to have user details in SP? In that case, can't we skip SSO and login directly into SP if SP is also having user details. Doesn't having user details in IDP and SP keep information at two places? Can anyone help explain it, please.

Perfect - thanks

27 minutes on youtube sometimes is way better than 4 hours in a lesson room.

Really good

very well explained.

Thank you.

Thank you so much

Great video! :)

Great video

Thanks mate!

Can you explain a bit on how to Validate a signature

Thanks for ur time

Good stuff

Why is he only talking into my right ear?

attrubtes?

this was good , however i need some more info on Canvas vs SAML

This is a good answer to why is still easy to hack a big company :)) . The pour dev has to be extra carefull when configuring the xml parser :)))

ATTRUBTES!!

Well, it's better to walk through a SAML workflow and then explain the SAML terms and concepts. It will be more clear.

Confusing.

It is funny that you speak of OIDC as a replacement for SAML.
Meanwhile Okta still does not support OIDC for SCIM provisioned application, forcing me to learn about this SAML in the first place...

Oauth forever, fk saml

Attrubtes

Really useful intro but bro, I think your sweater was on inside out

What a joke of a system. No one should be using SAML and we just need to migrate away from this shit.

SAML looks like it was made me some old white guys.