Skip to main content

SAML enrollment flow overview

This diagram illustrates the high-level SAML enrollment process for both SAML Service Provider (SP) and SAML Identity Provider (IdP) initiated flows:

samlenrollwf.png

注記

  • DigiCert​​®​​ Trust Lifecycle Manager caches the SAML authenticated sessions for up to 30 minutes. After 30 minutes, users will be forced to re-authenticate against their SAML IdP.

  • The SAML session key is treated as unique, thus preventing from re-using the same SAML response by malicious users.

  • All SAML IdP assertions must be digitally signed.

Now, check for an issuing CA.