Service Providers and Identity Providers - Fluid Topics

Fluid Topics Integration Guide

Category
Reference Guides
Audience
public
Version
Latest

The concepts of Service Provider (SP) and Identity Provider (IdP) are key to understanding SAML-based authentication.

A diagram showing the interaction between a Service Provider (SP) and an Identity Provider (IdP). On the left, the 'Fluid Topics App Server' represents the SP, accompanied by icons indicating a keystore with private and public keys and an SP Metadata file in XML format. On the right, an icon of a person represents the IdP, accompanied by icons showing an IdP Metadata file in XML format and a keystore with private and public keys. The diagram illustrates the exchange of metadata files between the two entities, represented by a dotted line separating the SP and IdP sections.

The Fluid Topics server has the role of SP. The administrator's SAML provider has the role of IdP.

Both the SP and the IdP hold a key pair: a private key that never leaves their own keystore, and a public key (usually carried in an X.509 certificate) that is published in their metadata file. The keys are used in two ways:

  1. Signing. Each side signs the messages it sends with its own private key, and the receiver verifies the signature with the sender's public key taken from the exchanged metadata. This is what lets the SP check that a SAML response really came from the configured IdP, and lets the IdP check that an authentication request really came from the SP.

  2. Encryption. When message or assertion encryption is enabled, the SP sends a message to the IdP that has been encrypted with the IdP public key, and the IdP decrypts it with the IdP private key. In return, the IdP sends a message to the SP that has been encrypted with the SP public key, and the SP decrypts it with the SP private key.

Signature verification, not encryption, is what authenticates the other party: a signing certificate missing from the metadata, or one that does not match the key actually used, means the SP cannot trust the IdP's responses.

To configure and validate the authentication parameters, each side needs the other side's metadata:

  • The SP must have access to the metadata.xml file generated by the IdP.

  • The IdP must have access to the metadata.xml file generated by the SP.

A diagram illustrating the interaction between a Service Provider (SP) and an Identity Provider (IdP) in the context of metadata exchange. On the left, the 'Fluid Topics App Server' represents the SP, and on the right, an icon of a person represents the IdP. Both sides show XML metadata files and keystore icons containing private and public keys. The SP Metadata file from the SP is shared with the IdP and vice versa. The exchange of metadata is indicated by speech bubbles with a green checkmark in the middle, signifying successful communication.