/
AssertionConsumerService

AssertionConsumerService

Owned by Rod Widdowson
Last updated: Dec 08, 2021
1 min read

 

Advanced Configuration

Note, this is an advanced configuration feature. Most deployments can rely on the <SSO> shorthand element.

The <md:AssertionConsumerService> element is used to configure handlers that are responsible for consuming SAML assertions; that is, they process an assertion according to a profile, extract its contents, create a new user session, and typically produce a cookie to represent the session.

An ACS does most of the work of SSO for the SP and is the "receiving" half of the SSO message exchange started by a SessionInitiator. As a multi-protocol system, the SP itself is oblivious to specific SSO protocols; each ACS provides the implementation of a particular protocol. The "assertion" terminology is SAML-specific but is an abstraction at this level.

Protocols

ACS implementations exist for these protocols.  Precisely which ACS is defined the the  Binding attribute.

Common Attributes



Related content

SAML2 SessionInitiator
SAML2 SessionInitiator
Service Provider 3
More like this
Sessions
Sessions
Service Provider 3
Read with this
NativeSPAssertionConsumerService
NativeSPAssertionConsumerService
Shibboleth 2
More like this
Looping
Looping
Service Provider 3
Read with this
SAML 1.x AssertionConsumerService
SAML 1.x AssertionConsumerService
Service Provider 3
More like this
XMLAttributeExtractor
XMLAttributeExtractor
Service Provider 3
Read with this