Assertion Consumer Service URL and Entity ID / Issuer in SAML

If you may not much familiar with what SAML (Security Assertion Markup Language) you can refer my previous Blog, “Very Basic about SAML and how it is used”

So with this, I intend to discuss two topics that I normally talk about with SAML, which are Assertion Consumer Service URL and Entity ID / Issuer.

The connection between these two is, Once the ACS URL is generated, you will need to provide it to your IdP. Your IdP will use your provided ACS URL to generate metadata for your organization, including an Entity ID / Issuer value.

Assertion Consumer Service URL

The Assertion Consumer Service (ACS) URL directs your IdP where to send its SAML Response after authenticating a user.

Your application (which application you want to log in to) receives your IdP’s SAML Response at the ACS URL, verifies the Response, and logs the user into the Application.

Entity ID / Issuer

The Entity ID (sometimes referred to as the Issuer) names the application within your IdP.

This must be an exact match with the configuration settings in the application.

If the Entity ID / Issuer value is not an exact match between your IdP and application, your users will receive an error when attempting to log in via SSO.

Thanks 🙂…