0Pricing
Cryptology Academy · Lesson

Modern Identity: SAML, OIDC, and Hybrid Approaches

Explore how organizations are modernizing beyond Kerberos with SAML federation and OpenID Connect.

SAML 2.0 for Enterprise SSO

Security Assertion Markup Language 2.0 (SAML) is an XML-based open standard for Single Sign-On in enterprise environments. Standardized in 2005, SAML allows an Identity Provider (IdP) to issue digitally signed XML assertions to Service Providers (SPs), enabling users to authenticate once and access multiple services without re-entering credentials.

SAML Identity Provider vs Service Provider

In SAML, the Identity Provider (IdP) is the authority that authenticates users and issues assertions. Examples: Okta, Microsoft Entra ID, PingFederate. The Service Provider (SP) is the application that relies on the IdP's assertion. Examples: Salesforce, Workday, ServiceNow. The SP trusts the IdP's signature to grant access.

All lessons in this course

  1. Kerberos Architecture and Ticket Flow
  2. Active Directory and Kerberos Integration
  3. Kerberos Attack Techniques: Kerberoasting and Golden Ticket
  4. Modern Identity: SAML, OIDC, and Hybrid Approaches
← Back to Cryptology Academy