Q:
- How SAML SSO Logout works on Aruba Central?
A:
- For SAML SSO solution with Aruba Central, we must configure a valid SAML authorization profile in the Aruba Central portal which is very much described under Documentation > Support for SAML SSO
- SAML SSO can be done using different IdP providers like Metadata, Microsoft ADFS, Clearpass, etc.,
Key Elements of SAML SSO:
- Service Provider (SP)—The provider of a business function or service; For example, Aruba Central. The service provider requests and obtains an identity assertion from the IdP. Based on this assertion, the service provider allows a user to access the service.
- Identity Provider (IdP)—The Identity Management system that maintains identity information of the user and authenticates the user.
- SAML request—The authentication request that is generated when a user tries to access the Aruba Central portal.
- SAML Assertion—The authentication and authorization information issued by the IdP to allow access to the service offered by the service (Aruba Central portal).