How SSO Works with SAML Authentication

Article Number:020432

With SAML authentication enabled, Kintone uses SP-initiated SSO. The following bindings are used for the SAML request and SAML response:

  • SAML request: HTTP Redirect Binding
  • SAML response: HTTP POST Binding

The following illustrates steps for Kintone to authenticate a user:

Diagram illustrating an SSO flow using SAML authentication

  1. The user accesses Kintone.
  2. Kintone generates an SAML request.
  3. The user receives the SAML request from the SP.
  4. The IdP authenticates the user.
  5. The IdP generates an SAML response.
  6. The user receives the SAML response from the IdP.
  7. Kintone receives and verifies the SAML response.
  8. If the SAML response is OK, the user has completed the login to Kintone.