IdP and SP initiated SAML flows

IdP and SP initiated SAML flows

Identity provider (IdP)-initiated
In an IdP-initiated flow, a user first gets the SAML assertion from the identity provider. Then, the user goes to the service provider (SP) for authentication.

IdP-initiated SAML flow looks like this:

1. A user wants to access an application and goes to their IdP.
2. The user logs into the IdP and chooses the application.
3. The IdP forms a SAML assertion and signs it with the private key of a private/public key pair. (These keys are exchanged between the IdP and SP when SSO trust is set up.)
4. Then, the user goes to the application with the SAML assertion.
5. The application validates the SAML assertion, and upon successful validation, the user is provided access to the application.

Service provider (SP)-initiated
In an SP-initiated flow, a user first goes to the service provider and gets redirected to the IdP with a SAML request. Then, the user is sent back to the service provider with a SAML assertion.

SP-initiated SAML flow looks like this:

1. A user tries to access an application.
2. The application creates a SAML authentication request and sends it to the user's IdP. The user is redirected to their IdP.
3. The IdP asks the user to login and the user gets authenticated.
4. Once the user is authenticated, the IdP sends the SAML assertion to the application's assertion consumer service (ACS) URL.
5. The application validates the SAML assertion, and upon successful validation, the user is given access to the application.



        • Recent Topics

        • Menu Bar

          Hi, Please guide how to change menu bar from vertical to horizontal

        • Create Ticket ignores a list of "secondaryContacts"

          Hi, we're trying to create a ticket, with a contact to be a CC. According to the documentation, it should be a list of IDs in "secondaryContacts". But when the ticket is created, it returns an empty array. Has someone tried it? Thanks for any hint. BTW

        • Zeptomail 136.143.188.150 blocked by SpamCop

          Hi - it looks like this IP is being blocked, resulting in hard bounces unfortunately :( "Reason: uncategorized-bounceMessage: 5.7.1 Service unavailable; Client host [136.143.188.150] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?136.143.188.150

        • EDIT MAIL DOMAIN

          HOW DO I EDIT MY MAIL DOMAIN

        • On-prem version of Zoho Desk

          Is there an on-prem version of Zoho Desk available for enterprise customers if we have additional aspects of security that aren't covered with current legal and data security terms?

        • Workers unable to submit time logs

          I received a phone call and an email from employees saying that they received the same error code. They cannot submit the hours that they worked. The clerk whose email is problematical is not in the office this week and does not have access to her email.

        • Error 550 - receiving email

          Hi, We've been getting messages from three different customers that our email address was bouncing. Our email address is hello[at]meteoorbooks.com. This was the error message they received: The response from the remote server was: 550 5.0.1 Recipient

        • solicitud cambio de dominio

          buenas tardes por favor me pueden ayudar con un cambio de dominio es que al crear un correo corporativo manual y agregue un dominio inscribí el mío pero le anexe letras de mas y no pude seguir con el proceso y no se como hacer para seguir con la configuración

        • Zoho Desk's ASAP announcement | Time to embrace the enhanced JWT Authentication Mechanism for ASAP | Dec'23

          Hi All, We are eager to introduce the enhanced JWT authentication mechanism for accessing your ASAP add-ons. Effective December 25th, 2023, the ASAP's old JWT authentication mechanism will be deprecated. This means that the option to switch to the new

        • Attach Subform images from Zoho Creator to CRM Module

          Good afternoon eveyone. I am having a difficult time trying to find a way to attach a subform image from a creator app to a CRM module. I have tried so many ways that I don't even know which way was on the right track because none of them worked. If anyone

        • Receipt for Transaction ID2005635324115

          Please share Receipt for Transaction ID2005635324115 towards bashir.salih@wood-man.ae

        • Zoho FSM Extension for Zoho Desk: For Enhanced On-Site Assistance and Unified Customer Support

          We are stoked to present to you Zoho FSM for Zoho Desk, an extension that will help you convert Zoho Desk tickets that require on-site assistance into field service requests in Zoho FSM, ensuring a smooth hand-off from the help desk to field technicians.

        • Not able to send or receive emails

          Hello, I have not been having problems sending and receiving email accounts for about 2 weeks now. I have clean out my folders for storage and it is still not working. Thanks Ward

        • Need Assistance with New Account and DNS Update

          I've created a Zoho Mail account for my Website https://apkqad.com but forgot which Gmail account I used to sign up. Can I setup a new Zoho Mail account and update the DNS records accordingly?

        • Zoho Desk app update - Reply via email option for IM tickets

          Hello, everyone! We're excited to introduce the 'Reply via Email' option for IM tickets, in the latest version of the Zoho Desk Android(v2.7.4) and iOS(2.9.5) app update. You can now respond to IM-based tickets via email within the mobile app. This feature

        • Importing into Multiselect Picklist

          Hi, We just completed a trade show and one of the bits of information we collect is tool style. The application supplied by the show set this up as individual questions. For example, if the customer used Thick Turret and Trumpf style but not Thin Turret,

        • Zoho Meeting Android app update - v2.4.0

          Hello everyone! We are excited to announce that we have brought in support for the following features in the latest version of the Zoho Meeting Android app(v2.4.0): 1. Start Personal Meeting Rooms 2. Revamp of the schedule meeting screen and meeting details

        • Upload and embed a video into an article?

          How can we upload a video and embed it into an article? It is possible for images but this only supports image files. And don't say it has to be uploaded to YouTube, Vimeo or DailyMotion in order to embed it. We're trying to create company documentation

        • Zoho Recruit in 2025

          Hi Zoho team, Is it possible to disclose what is on the roadmap for Recruit in 2025? In comparsion to other ATS options available, Recruit is falling behind. Within the community there are endless request and suggestions from users on feature which would

        • Mass Update Status of Job Openings

          It'd be incredibly useful to be able to mass update the statuses of job openings. I've just been told six jobs are on hold with the same client, so at the moment I need to update all of them individually. Cheers

        • Canvas View in Zoho Recruit

          Is it possible or would it be possible to have the new 'Canvas View' in Zoho Recruit?

        • This mobile number has been marked spam. Please contact support.

          I am having problem of adding my mobile phone number to my account, while enabling the Zoho mail service. I have tried my personal number, working number, and even my parents number and still got the same error "This mobile number has been marked spam.

        • Error when trying to categorize bank transactions

          I am trying to categorize my bank transactions. It was going fine, I categorized 50 or so transaction and suddenly I started getting an error that reads: "Transactions cannot be matched as the account you are trying to match it to, is different.". I select

        • Why there is "Failure" after the "Answer bot" card

          Hi, I'm building a Chat bot for my company. I implement the card "Answer bot" and after this card there is the word "Failure", then if I add another card, this card doesn't work. In this case I add the "End" card. Can you explain how to do to avoid this

        • Kaizen #177: Duplicate Check Preferences API vs. Upsert API

          Hello all!!! Welcome back to another week of Kaizen. Last week, we discussed Optimizing the Use of Record ID Variables in Zoho CRM Queries. This week, we will explore two important APIs for managing duplicate records in Zoho CRM - Duplicate Check Preferences

        • How to block a WhatsApp user for sending spam

          Is there a way to block those whatsapp users that just come to play and annoy our service, they also spam us. We have a waba service with sales iq

        • Sales receipt drop down

          Is the option for Sales receipt only in a paid subscription? If it is which subscription, if it is not how do I get it up on my drop down sales tab.

        • How do you manage sales forecasts by deal when you're a SaaS (subscription) provider?

          Hello, I was wondering how you forecast revenue as a SaaS? Because my LTV moves all the time and I was thinking of updating the amount of each deal in the pipeline according to my LTV stripe, but is it possible?

        • Mass-Delete-Action over API doesn't work because of scope

          Hi all, we're currently trying to mass delete 40000 deals from our CRM, that we have already put into a custom view. I'm not that used to the API, but I managed to authenticate by https://accounts.zoho.com/oauth/v2/token with Postman and going by the

        • 5 powerful ways to boost e-commerce customer engagement with Zobot

          E-commerce has been a game changer for the past decade. It has drastically influenced the way people purchase. This pandemic broke all the existing rules by embracing automation and making the customer experience more personalized. Chatbots play a crucial

        • Access Sales Order line Items in Deluge

          Does anyone have a Deluge snippet that shows how to access an Order_Items from a Sales_Order? Thanks in advance! Brenedn

        • Progressive Discounts

          We need to be able to apply more than one discount after the sub total. How would we go about doing that in zoho books and zoho inventory?

        • How to select alternate invoice email notification template

          When we reissue an invoice, we want to send a different notification email. I am able to set up the alternate email body using Email Notifications/Invoice Notification settings, but I can't figure out how to attach that template to a specific invoice.

        • Create/Update Query Tables through API

          We need an API to edit the query tables. Currently if columns are added/removed from a normal table, we have to edit the query tables made on top of that table manually to reflect the changes. We want to automate this task to automatically update the

        • Is there a way to programmatically open the zoho business chat?

          I'm integrating business chat into my website. Is there a way to programmatically trigger opening the chat?

        • Mass Change Start Date in Recurring Invoice

          Need a way to update start date for large number of recurring invoices. Either bulk update option for that field or an import function with the ability to set "duplicate handling logic" (like when importing customers) so that one (or more) field can be

        • How Do I Refund a Customer Directly to Their Credit Card?

          Hi, I use books to auto-charge my customers credit card. But when I create a credit note there doesn't seem to be a way to directly refund the amount back to their credit card. Is the only way to refund a credit note by doing it "offline" - or manually-

        • Zoho Books Invoices Templates

          It would be really helpful to have more advanced features to customise the invoice templates in Zoho Books. Especially I´m thinking of the spacing of the different parts of the invoice (Address line etc.). If you have a sender and receiver address in

        • Backup & Restore

          We need a better tool for comprehensive data back-up and restore.  We are investing in Zoho Books as a tool to run our business and the data we input into the system is vital so having comprehensive and regular backups is not only key but a fundamental requirement for any responsible business.  The current backup system does not provide complete data backup and the process to import the data is also flawed. Exported files size are larger than the allowable import size Some exported files have different

        • Zoho Books Custom Views do not allow "Empty" and "Not Empty" to be evaluated in criteria

          In Zoho Books, we can create a custom view for most modules (like Invoices and Bills), and we can try to specify a criteria. However, we cannot evaluate in criteria whether a field is empty or not. This is very bizarre! Every type of criteria across all

        • Next Page