SAML 2.0 is a relatively flexible and generic specification, which allows it be used in many different scenarios and use cases. It comes with a certain level of complexity.
The SAML 2.0 specification is described in four documents:
- SAML 2.0 Core – Describes basic SAML assertions and protocols.
- SAML 2.0 Bindings – Describes various types of HTTP calls supported by the protocol.
- SAML 2.0 Profiles – Describes a set of profiles (use-cases), each one defining a set of calls made through one of the bindings to exchange SAML messages.
- SAML 2.0 Metadata – Describes the format of the metadata XML files that must be exchanged between identity and service providers in order to establish mutual trust.
Carbon Black EDR supports a subset of functionality that is described in these specifications:
- Supported SAML 2.0 Bindings :
- HTTP Redirect Binding – Section 3.4
- HTTP POST Binding – Section 3.5
- Supported SAML 2.0 Profiles:
- Web Browser SSO Profile – Section 4.1