300-810 · Question #155
What submits credentials to the LDAP server during a call that uses SAML SSO?
The correct answer is D. IdP. In SAML SSO, the Identity Provider (IdP) is the authentication authority. When a user submits their username and password to the IdP's login page, the IdP - not the browser, not the SP, and not UCM - takes those credentials and validates them against the LDAP/Active Directory ser
Question
What submits credentials to the LDAP server during a call that uses SAML SSO?
Options
- ACisco UCM server
- Bservice provider
- Cbrowser-based client
- DIdP
How the community answered
(31 responses)- A3% (1)
- B3% (1)
- D94% (29)
Explanation
In SAML SSO, the Identity Provider (IdP) is the authentication authority. When a user submits their username and password to the IdP's login page, the IdP - not the browser, not the SP, and not UCM - takes those credentials and validates them against the LDAP/Active Directory server. The Service Provider (SP) never sees the user's raw credentials; it only receives a signed SAML assertion after the IdP has already authenticated the user. This credential isolation is a core security benefit of SAML SSO.
Topics
Community Discussion
No community discussion yet for this question.