The Pragmatic Programmer

Appian, Pega, Java, DevSecOps, Quality Engineering

SAML for Single Sign-On (Appian)

https://docs.appian.com/suite/help/21.2/SAML_for_Single_Sign-On.html

Overview

Security Assertion Markup Language (SAML) is an XML-based specification for exchanging authentication information online, typically to establish single sign-on (SSO) and single logout. This article describes how SAML works with Appian and how to configure SAML in the Appian Administration Console.

How SAML Works with Appian

In the SAML specification, there are three roles:

  1. Principal (User) – the client attempting to connect to a service.
  2. Identity Provider (IdP) – the provider of identity information and authentication.
  3. Service Provider (SP) – the provider of the requested service.

Using the SAML model, the user attempting to connect to Appian is the Principal (User), Appian is the Service Provider (SP), and the customer is the Identity Provider (IdP).

Single Sign-in

For a typical SP-initiated login, when a user attempts to connect to Appian, Appian redirects the user’s browser to the IdP. The IdP makes an authentication decision and returns that decision to the user’s browser, which then sends that decision to Appian. Appian acts on that decision, either permitting or denying the user access to the requested resource without the user having to manually sign in.
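The SP-initiated exchange described above, with both sides' messages, as an added Python example (not Appian's code or configuration). The endpoints and entity ID are constructed, the HTTP-Redirect binding for the request and a base64 POST body for the response are assumptions, and the response is left unsigned so the example runs with the standard library alone.

```python
import base64, uuid, zlib
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from urllib.parse import urlencode, urlparse, parse_qs

P = "urn:oasis:names:tc:SAML:2.0:protocol"
A = "urn:oasis:names:tc:SAML:2.0:assertion"
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"
# Constructed endpoints and entity ID (assumptions, not Appian values)
IDP_SSO = "https://idp.example.com/sso"
SP_ACS = "https://sp.example.com/saml/acs"
SP_ENTITY = "https://sp.example.com"

def sp_redirect_url(pending):
    """SP step: build the AuthnRequest and the redirect URL sent to the browser."""
    req_id = "_" + uuid.uuid4().hex
    pending.add(req_id)  # remember the ID so the response can be tied back to it
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    xml = (f'<samlp:AuthnRequest xmlns:samlp="{P}" xmlns:saml="{A}" ID="{req_id}" '
           f'Version="2.0" IssueInstant="{now}" Destination="{IDP_SSO}" '
           f'AssertionConsumerServiceURL="{SP_ACS}">'
           f'<saml:Issuer>{SP_ENTITY}</saml:Issuer></samlp:AuthnRequest>')
    # HTTP-Redirect binding: raw DEFLATE (no zlib header), then base64, then URL-encode
    c = zlib.compressobj(9, zlib.DEFLATED, -15)
    deflated = c.compress(xml.encode()) + c.flush()
    return IDP_SSO + "?" + urlencode({"SAMLRequest": base64.b64encode(deflated).decode()})

def idp_read_request(url):
    """IdP step: recover the AuthnRequest from the query string."""
    raw = parse_qs(urlparse(url).query)["SAMLRequest"][0]
    root = ET.fromstring(zlib.decompress(base64.b64decode(raw), -15))
    return root.get("ID"), root.get("AssertionConsumerServiceURL")

def idp_response(in_response_to, status=SUCCESS):
    """IdP step: the decision, as the browser would POST it (base64, unsigned here)."""
    xml = (f'<samlp:Response xmlns:samlp="{P}" ID="_{uuid.uuid4().hex}" Version="2.0" '
           f'InResponseTo="{in_response_to}" Destination="{SP_ACS}"><samlp:Status>'
           f'<samlp:StatusCode Value="{status}"/></samlp:Status></samlp:Response>')
    return base64.b64encode(xml.encode()).decode()

def sp_accept(saml_response, pending):
    """SP step: act on the decision. Signature validation must come first in a real SP."""
    root = ET.fromstring(base64.b64decode(saml_response))
    req_id = root.get("InResponseTo")
    if req_id not in pending or root.get("Destination") != SP_ACS:
        return False  # unsolicited, replayed, or addressed to another endpoint
    pending.discard(req_id)  # one response per request
    code = root.find(f"{{{P}}}Status/{{{P}}}StatusCode")
    return code is not None and code.get("Value") == SUCCESS
```

A production service provider verifies the XML signature against the IdP's certificate before trusting any field, and parses the response with a hardened XML parser.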