+xThe SP and IdP are web applications/sites. A user with a browser navigates to one of these sites and initiates SSO. When you say you're just the client, rather than the SP or IdP, could you please elaborate? Do you want to know what URL to use in the browser? If so, you need to ask the vendor. The URLs in the metadata are for SAML communications rather than for a user to browse to to initiate SSO. HM.. Right. Sorry again, I was confused from beginning. So what you are saying is if vendor provides metadata to me, then I need to be one of roles, SP or IdP. If I am purely a web user, then I don't need metadata at all. Am I correct? By the way, thanks for your quick answer!! Also your example is really helpful. cheers,
|