# SAML

## Generate Metadata files

Use [SAML Tool](samltool.com) for generating metadata files.

## Identity Provider

The entity that provides a user's information to a service.

## Service Provider

The entity that provides a service to a user.

### `spinitsso-redirect`

Generate the request for the identity provider:

```javascript
// Build the login request using the "redirect" binding
serviceProvider.createLoginRequest(identityProvider, "redirect");
```

The above method gives a request context, to which we have to redirect using the Express response.

## Links

* [What is SAML?](https://www.varonis.com/blog/what-is-saml/)
* [SSO, SAML and SLO](https://medium.com/@BoweiHan/elijd-single-sign-on-saml-and-single-logout-624efd5a224)
* [What is RelayState?](https://blogs.sap.com/2019/02/19/what-is-relaystate-in-saml-and-how-to-configure-relaystate-on-as-abap)
* [The Beer Drinker’s Guide to SAML](https://duo.com/blog/the-beer-drinkers-guide-to-saml)

## Notes

* The first request from the service provider is `spinitsso-redirect`
* The service provider and identity provider will have the same metadata files

---

The IdP will have the metadata files for all service providers.

![metadata](https://i.imgur.com/PSqSNg0.png)

> **NOTE:** Each provider has its own identity provider metadata file, because we have to know which service provider sent the login request. We know this from the unique ID of each service provider. This ID comes in the params of the URL.
>
> `http://payment.b2b.localhost/sso/SingleSignOnService/:service-id`

---
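As an added example (not code from these notes or from any SAML library): one way the IdP endpoint `/sso/SingleSignOnService/:service-id` can resolve the URL param to a registered service provider and reject a login request whose `Issuer` does not belong to it. The registry contents, entity IDs and function names are assumptions, and the sample request is constructed and encoded the way the HTTP-Redirect binding does it (raw DEFLATE, then base64).

```javascript
const zlib = require("node:zlib");

// Constructed registry: one entry per service provider, keyed by the
// :service-id URL param. Each entry would be loaded from that SP's metadata.
const SP_REGISTRY = new Map([
  ["sp-001", { entityId: "https://app1.example.test/metadata",
               acsUrl: "https://app1.example.test/sso/acs" }],
  ["sp-002", { entityId: "https://app2.example.test/metadata",
               acsUrl: "https://app2.example.test/sso/acs" }],
]);

// HTTP-Redirect binding: XML -> raw DEFLATE -> base64 (URL-encoding is
// applied when the value is placed in the query string).
function encodeRedirect(xml) {
  return zlib.deflateRawSync(Buffer.from(xml, "utf8")).toString("base64");
}

function decodeRedirect(samlRequest) {
  // Cap the inflated size so an oversized request cannot exhaust memory.
  return zlib.inflateRawSync(Buffer.from(samlRequest, "base64"),
                             { maxOutputLength: 64 * 1024 }).toString("utf8");
}

// Resolve the SP from the URL param, then check that the request agrees.
function resolveServiceProvider(serviceId, samlRequest) {
  const sp = SP_REGISTRY.get(serviceId);
  if (!sp) return { ok: false, reason: "unknown service id" };
  let xml;
  try { xml = decodeRedirect(samlRequest); }
  catch { return { ok: false, reason: "malformed SAMLRequest" }; }
  // Regex extraction keeps the example short; use an XML parser in real code.
  const issuer = /<(?:\w+:)?Issuer[^>]*>([^<]+)</.exec(xml)?.[1].trim();
  if (issuer !== sp.entityId) return { ok: false, reason: "issuer mismatch" };
  // Respond only to the ACS URL from the registered metadata, never to one
  // taken from the request.
  return { ok: true, acsUrl: sp.acsUrl };
}

// Constructed AuthnRequest issued by sp-001.
const SAMPLE_REQUEST = encodeRedirect(
  '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ' +
  'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed1" Version="2.0">' +
  "<saml:Issuer>https://app1.example.test/metadata</saml:Issuer></samlp:AuthnRequest>");

console.log(resolveServiceProvider("sp-001", SAMPLE_REQUEST)); // accepted
console.log(resolveServiceProvider("sp-002", SAMPLE_REQUEST)); // issuer mismatch
```

In an Express handler, `serviceId` would be `req.params` for the route above and `samlRequest` the `SAMLRequest` query parameter.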