This article lists the stages involved in Jive authentication through Security Assertion Markup Language (SAML).
SAML is an external authentication method that allows users to access Jive by authenticating to the same Identity Provider (IdP) that they authenticate to in order to access other web applications.
- A user visits Jive and requests a page that requires authentication.
- Jive redirects the user to the configured IdP. The request URL includes a base64-encoded version of some request XML.
- If authentication does not succeed, the user sees a login screen.
- The IdP sends an encoded XML-based response in a redirect to Jive. If the user was successfully authenticated, this response includes the information we need to create a Jive representation of the user.
- Jive parses the XML and validates the necessary signatures, decrypting if necessary. A valid response from the IdP at this point indicates the user has been successfully authenticated.
- Jive parses the XML response from the IdP and creates or updates the user, using any override attributes you specified in Jive. If users have been seeded beforehand and should not be updated, profile sync can be disabled.
- The user is authenticated with Jive and redirected to the requested destination.