When the user launches the application, a SAML assertion is created and is valid for 30 seconds. The 30 seconds is also referred to as the Time to Live (TTL). The generated assertion is posted into the web-based service using the URI browser string in the end user's browser. The service will decode the SAML assertion, verify that it's valid, verify the certificate, and then authenticate the user.
The user does not need to enter a username or password, as they are simply authenticated automatically to the web application.
There are different levels of SAML integration as follows:
Single Sign-On (SSO): SSO using the existing AD credentials
Provisioning: Automatic creation and deletion of users
In this example, we will set up an SSO connection to Salesforce from Horizon Workspace. The process will be different, depending...