SAML 2.0 is a relatively flexible and generic specification, which allows it be used in many different scenarios and use cases. It comes with a certain level of complexity.

The SAML 2.0 specification is described in four documents:

  • SAML 2.0 Core – Describes basic SAML assertions and protocols.
  • SAML 2.0 Bindings – Describes various types of HTTP calls supported by the protocol.
  • SAML 2.0 Profiles – Describes a set of profiles (use-cases), each one defining a set of calls made through one of the bindings to exchange SAML messages.
  • SAML 2.0 Metadata – Describes the format of the metadata XML files that must be exchanged between identity and service providers in order to establish mutual trust.

Carbon Black EDR supports a subset of functionality that is described in these specifications:

  • Supported SAML 2.0 Bindings :
    • HTTP Redirect Binding – Section 3.4
    • HTTP POST Binding – Section 3.5
  • Supported SAML 2.0 Profiles:
    • Web Browser SSO Profile – Section 4.1