SAML 2.0 The Security Assertion Markup Language (SAML) is an XML-based standard for exchanging authentication and authorization data between security domains. SAML exchanges security information between an identity provider (a producer of assertions) and a service provider (a consumer of assertions). SAML is a product of the OASIS Security Services Technical Committee. When implemented correctly, SAML is one of the most secure methods of single sign-on available. The SAML 2.0 integration enables single sign-on (SSO) by exchanging XML tokens with an external Identity Provider (IdP). The IdP authenticates the user and passes a NameID token to the system. If the system finds a user with a matching NameID token (for example, the email address), the instance logs that user in. If you are using the SAML 2.0 plugin for SSO authentication, you need to set the glide.ui.rotate_sessions property to false. Otherwise, it interferes with the session information sharing that takes place between the instance and the Identity Provider. Users with the security_admin elevated privilege can access this high security property by selecting System Security > High Security Settings. Note: It is recommended that customers using an existing SAML 2.0 integration upgrade to the latest SAML 2.0 integration update. Activate and set up SAML 2.0SAML 2.0 activates through the Integration - Multiple Provider Single Sign-On Installer plugin.SAML 2.0 conceptsFamiliarize yourself with these SAML concepts.SAML 2.0 Single Sign-On — Update 1The SAML 2.0 Single Sign-On - Update 1: security enhancements plugin improves integration security by requiring additional checks against the SAMLResponse URL parameter.Integrating SAML 2.0 with other featuresYou can integration your SAML 2.0 solution with other features like E-Signature, deep linking, and ADFS.Migrating an existing SAML 1.1 integration to SAML 2.0To migrate from a SAML 1.1 integration to a SAML 2.0 integration, contact customer support. Update existing SAML 2.0 integrationPerform these steps to update your existing SAML 2.0 integration.SAML user provisioningIf users exist in your IdP but are not in your instance, SAML user provisioning can automatically create the users in your instance's User [sys_user] table.SAML 2.0 troubleshootingBefore contacting support, try the troubleshooting solutions available in the knowledge base on Hi.