![\"\"](\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/07\/image-85.png\")
<\/figure>\n\n\n\nTypically, in an IDP initiated sign-on scenario, the user accesses the IDP’s login page directly, and upon successful authentication, the IDP generates the security tokens and redirects the user to the intended application or service hosted by the Service Provider.<\/p>\n\n\n\n SP initiated sign-on, on the other hand, occurs when a user initiates the authentication process from the Service Provider side. In this case, the user directly accesses the application or service provided by the SP and attempts to access a resource that requires authentication. The Service Provider then detects that the user is not yet authenticated and redirects the user to the Identity Provider login page to enter their credentials.<\/p>\n\n\n\n After successful authentication by the IDP, the user is redirected back to the Service Provider with the necessary security tokens. The Service Provider can then validate these tokens and grant the user access to the requested resource.<\/p>\n\n\n\n Both IDP initiated and SP initiated sign-on approaches serve the same purpose of providing SSO capabilities in a federated identity environment. The choice of which method to use often depends on the specific requirements and design of the authentication system. Some organizations may prefer one over the other based on user experience or security considerations.<\/p>\n","protected":false},"excerpt":{"rendered":" IDP Initiated Sign-On IDP initiated sign-on occurs when a user starts the authentication process from the Identity Provider’s side. The Identity Provider is responsible for authenticating the user’s identity, and once the user is authenticated, the IDP sends the necessary security tokens to the Service Provider, allowing the user to access the desired application or […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[42],"tags":[5],"class_list":["post-730","post","type-post","status-publish","format-standard","hentry","category-adfs","tag-adfs"],"yoast_head":"\n![\"\"](\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/07\/image-86.png\")
<\/figure>\n\n\n\nSP Initiated Sign-On<\/h4>\n\n\n\n
![\"\"](\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/07\/image-84.png\")
<\/figure>\n\n\n\n![\"\"](\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/07\/image-87.png\")
<\/figure>\n\n\n\nDifference between IDP Initiated Sign-On and SP Initiated Sign-On<\/h4>\n\n\n\n
\n