Justin He means, for those who don’t know, going to an URL😅, that is a web address on the internet.

This made my day

@@Godlystriker Mine too! lol

lol

Yeah I found that so distracting I actually had to rewind the video! :) I wonder if he reads out web addresses like it's 1999 too? Aitch-tee-tee-pee, colon, forward-stroke, forward-stroke.....

lol I caught that too.

Yeah I immediately paused the video and went to the comment section after I heard Earl

@@nickgilbert1264 Thats funny :DD

shikagohan credentials

Hi Vishal, for inquiries please reach out to our Support Community (support.pingidentity.com/s/community-home). Thank you!

Your account is in the IdP. The connections between service providers/cloud providers/apps hosted in the cloud utilize SAML to authenticate users in your idP. Take for example an application hosted in AWS but your IdP is Azure. The SAML connection is between AWS and Azure. YOU create your user's account or assign the role to a group and provide the connection role to the AWS application within Azure. When the user attempts to use the app in AWS, it will go to the IdP and request the validation and follows the process as described in the video above. Most folks now are using ADFS (AD Federated Services) as a two-factor front-end for the user. They authenticate with their UN and pass and then follow the 2FA steps. Once in, they can be routed wherever. Usually to a dashboard within Azure or you can replace it with your own portal, whatever you want. The applications that user has access to can be displayed or linked on that page. The user simply clicks on the link and boom SSO takes over behind the scenes using SAML instead of then having to enter additional creds at the application. BASIC example: User logs in to portal.mycompany.com. They auth using their UN and pass and then 2FA. They are routed to the page after ADFS steps in and completes that process. Then they click on...say...ADP. ADPs connection to the IdP (Azure in this case) is auth'd through SAML. User simply clicks on the ADP button, boom, in to their ADP profile. It works, it's more secure, easier on the management, faster for the user, less chance of phishing or vishing attacks or even social attacks to get authentication. They are in, the SAML connection keeps the connection protected, and the internet footprint of authentication for your organization is HIGHLY reduced. Win win win...and another win lol.

@@visionflightsim . Shouldn't it be mentioned that the user needs to first authenticate with IDP first?

@@murmur2410 sometimes. It's not a recommended security practice to mention it at the outside. The users are told internally. Only thing on the outside is the banner that states "screw you don't connect to my stuff...blah blah blah". No evidence to your setup should ever be available on the outside.

User accesses SP SP checks with IdP if use is valid **SP->IdP** -not logged in SP redirects to IdP IdP validates user User returns to SP SP checks with IdP if use is valid **SP->IdP** -receives user info SP Authentication continues