nerdexam
Cisco

300-810 · Question #155

What submits credentials to the LDAP server during a call that uses SAML SSO?

The correct answer is D. IdP. In SAML SSO, the Identity Provider (IdP) is the authentication authority. When a user submits their username and password to the IdP's login page, the IdP - not the browser, not the SP, and not UCM - takes those credentials and validates them against the LDAP/Active Directory ser

Single Sign-On for Collaboration Applications

Question

What submits credentials to the LDAP server during a call that uses SAML SSO?

Options

  • ACisco UCM server
  • Bservice provider
  • Cbrowser-based client
  • DIdP

How the community answered

(31 responses)
  • A
    3% (1)
  • B
    3% (1)
  • D
    94% (29)

Explanation

In SAML SSO, the Identity Provider (IdP) is the authentication authority. When a user submits their username and password to the IdP's login page, the IdP - not the browser, not the SP, and not UCM - takes those credentials and validates them against the LDAP/Active Directory server. The Service Provider (SP) never sees the user's raw credentials; it only receives a signed SAML assertion after the IdP has already authenticated the user. This credential isolation is a core security benefit of SAML SSO.

Topics

#SAML SSO#Identity Provider (IdP)#LDAP authentication#Authentication flow

Community Discussion

No community discussion yet for this question.

Full 300-810 Practice