Common SAML terms

A brief guide to some of the SAML terms - IDP Name, ACS URL, Assertion and Entity URL.

Written by Pradyumna Dinni
Updated over a week ago

IDP Name

  • The IDP name is used to uniquely identify the metadata file associated with your company’s SAML SSO configuration. 

  • It is also used to generate the Assertion Consumer Service (ACS) URL.

 SAML SSO configuration

Assertion Consumer Service (ACS) URL

  • The ACS URL is an endpoint on the service provider (Fyle) that is responsible for receiving and parsing a SAML assertion. 

  • The identity provider (your company) uses the ACS URL to send an XML document called SAML Assertion.

SAML Assertion

The Assertion is the data provided by the identity provider that supplies one or more of the following statements to the service provider:

  • Authentication statements assert that the user specified in the assertion actually did authenticate successfully, and what time they did so.

  • Attribute statements supply attribute values pertaining to the user.  The NameID attribute is required and specifies the username, but other attributes can be manually configured as well.

  • Authorization decision statements declare whether the request to allow the assertion subject to access the specified resource has been granted or denied.

Fyle requires the Email ID of the user to be sent as the NameID attribute in the assertion.

An example assertion looks like this:

Assertion data

Entity URL

  • The entity URL is the service provider’s URL and uniquely identifies the host (Fyle).

  • You require this URL for the SAML SSO configuration on your end.

Did this answer your question?