{"id":107261,"date":"2025-12-11T13:16:22","date_gmt":"2025-12-11T07:46:22","guid":{"rendered":"https:\/\/cloudfoundation.com\/blog\/?p=107261"},"modified":"2026-01-19T17:27:05","modified_gmt":"2026-01-19T11:57:05","slug":"forgerock-saml-authentication-training","status":"publish","type":"post","link":"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/","title":{"rendered":"ForgeRock SAML Authentication Training"},"content":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; _builder_version=&#8221;4.9.7&#8243;][et_pb_row _builder_version=&#8221;4.9.7&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.25&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_post_title meta=&#8221;off&#8221; featured_image=&#8221;off&#8221; _builder_version=&#8221;4.9.7&#8243; title_font=&#8221;Times New Roman||||||||&#8221; title_text_align=&#8221;left&#8221; title_text_color=&#8221;#000000&#8243; title_font_size=&#8221;47&#8243; background_color=&#8221;RGBA(0,0,0,0)&#8221; background_enable_image=&#8221;off&#8221; custom_margin=&#8221;|||10%&#8221; title_font_size_tablet=&#8221;40&#8243; title_font_size_phone=&#8221;35&#8243; title_font_size_last_edited=&#8221;on|desktop&#8221;][\/et_pb_post_title][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.9.7&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.25&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text _builder_version=&#8221;4.9.7&#8243; text_font=&#8221;Georgia||||||||&#8221; text_text_color=&#8221;#000000&#8243; text_font_size=&#8221;22px&#8221; text_line_height=&#8221;1.9em&#8221; header_2_font=&#8221;|700|||||||&#8221; header_2_font_size=&#8221;31px&#8221; max_width=&#8221;800px&#8221; max_width_last_edited=&#8221;off|phone&#8221; custom_margin=&#8221;|||10%&#8221; custom_margin_last_edited=&#8221;off|desktop&#8221; text_font_size_tablet=&#8221;&#8221; text_font_size_phone=&#8221;&#8221; text_font_size_last_edited=&#8221;on|phone&#8221; text_line_height_last_edited=&#8221;off|phone&#8221;]<\/p><div id=\"ez-toc-container\" class=\"ez-toc-v2_0_80 ez-toc-wrap-center counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<span class=\"ez-toc-title-toggle\"><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#ForgeRock_and_IDP-Initiated_vs_SP-Initiated_Flow\" >ForgeRock and IDP-Initiated vs SP-Initiated Flow<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#ForgeRock_and_Defining_Entity_IDs_and_Aliases\" >ForgeRock and Defining Entity IDs and Aliases<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#ForgeRock_and_Name_ID_Format_Setup\" >ForgeRock and Name ID Format Setup<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#ForgeRock_and_Service_Tab_Configuration\" >ForgeRock and Service Tab Configuration<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#ForgeRock_and_Testing_the_SAML_Request\" >ForgeRock and Testing the SAML Request<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#Understanding_ForgeRock_and_the_Flow_of_SAML_Authentication\" >Understanding ForgeRock and the Flow of SAML Authentication<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#Setting_Up_ForgeRock_for_Identity_Providers_and_Service_Providers\" >Setting Up ForgeRock for Identity Providers and Service Providers<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#Building_the_Circle_of_Trust_in_ForgeRock\" >Building the Circle of Trust in ForgeRock<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#Exploring_Real-World_ForgeRock_Configuration_Behavior\" >Exploring Real-World ForgeRock Configuration Behavior<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#ForgeRock_SAML_Flow_for_End_Users\" >ForgeRock SAML Flow for End Users<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#ForgeRock_Assertion_Creation_and_Artifact_ID_Handling\" >ForgeRock Assertion Creation and Artifact ID Handling<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#ForgeRock_Signing_Encryption_and_Algorithms\" >ForgeRock Signing, Encryption, and Algorithms<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#ForgeRock_Authentication_Basics_Explained\" >ForgeRock Authentication Basics Explained<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#ForgeRock_Assertion_Mapping_in_Practice\" >ForgeRock Assertion Mapping in Practice<\/a><\/li><\/ul><\/nav><\/div>\n\n<h2><span class=\"ez-toc-section\" id=\"ForgeRock_and_IDP-Initiated_vs_SP-Initiated_Flow\"><\/span>ForgeRock and IDP-Initiated vs SP-Initiated Flow<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>In ForgeRock, if the user begins directly at the identity provider, the IDP takes charge and starts the entire authentication flow.<\/p>\n<p>I always explain it simply: in an IDP-initiated flow, the user touches the IDP first, and ForgeRock handles the SAML process from there.<\/p>\n<p>In an SP-initiated flow, the user first tries to access the application, and if there\u2019s no active session, ForgeRock redirects them to the IDP for authentication.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ForgeRock_and_Defining_Entity_IDs_and_Aliases\"><\/span>ForgeRock and Defining Entity IDs and Aliases<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>When learners ask me what they should use as an entity ID in ForgeRock, I tell them they can use any string Salesforce.com, a simple word, anything meaningful.<\/p>\n<p>In this case, since we were setting up Salesforce as the service provider, I guided them to create the meta alias on the SP side.<\/p>\n<p><img decoding=\"async\" class=\"size-medium aligncenter\" src=\"https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2025\/12\/ForgeRock-Authentication-Flow-1.png\" alt=\"\" width=\"800\" height=\"1996\" \/><\/p>\n<p>ForgeRock accepts the alias freely, and the Circle of Trust we created earlier is then linked to this entity.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ForgeRock_and_Name_ID_Format_Setup\"><\/span>ForgeRock and Name ID Format Setup<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>During initial testing, I asked everyone to switch the NameID format to transient inside ForgeRock.<\/p>\n<p>Since ForgeRock provides multiple options, persistent, email address, unspecified, and transient, I prefer removing the unnecessary ones just to keep things clean for early tests.<\/p>\n<p>Once the learners get comfortable, they can revisit these settings later.<\/p>\n<p><video class=\"\" autoplay=\"autoplay\" loop=\"loop\" muted=\"\" width=\"800\" height=\"auto\"><source loading=\"lazy\" class=\"lazy lazy-hidden lazy lazy-hidden lazy lazy-hidden\" data-lazy-type=\"video\" data-src=\"https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2025\/12\/ForgeRock-Service-Setup.webm\" src=\"https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2025\/12\/ForgeRock-Service-Setup.webm\" \/><\/video><\/p>\n<h2><span class=\"ez-toc-section\" id=\"ForgeRock_and_Service_Tab_Configuration\"><\/span>ForgeRock and Service Tab Configuration<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>In the services tab of ForgeRock, I point out the meta alias path because we reuse it multiple times.<\/p>\n<p>I always remind students to store the alias in their notes.<\/p>\n<p>ForgeRock makes heavy use of aliases, and having them handy avoids confusion later while building or testing SAML URLs.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ForgeRock_and_Testing_the_SAML_Request\"><\/span>ForgeRock and Testing the SAML Request<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>After the setup, I let them try the URL.<\/p>\n<p>If their SAML Tracer is active, they can immediately see the request leaving the browser and heading toward ForgeRock.<\/p>\n<p>Some students use incognito mode, so I ask them to verify whether their SAML Tracer captures data from private windows. It helps them troubleshoot cleanly without cached sessions.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Understanding_ForgeRock_and_the_Flow_of_SAML_Authentication\"><\/span><strong>Understanding ForgeRock and the Flow of SAML Authentication<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>When I walk you through SAML authentication inside ForgeRock, I want you to see exactly how the end user interacts with every layer.<\/p>\n<p>The end user tries to access a service provider, and ForgeRock steps in to guide that authentication journey.<\/p>\n<p>I always remind learners that the service provider depends on ForgeRock to connect with the identity provider and validate the user securely.<\/p>\n<p><img decoding=\"async\" class=\"size-medium aligncenter\" src=\"https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2025\/12\/ForgeRock-Configuration-Flow-1.png\" alt=\"\" width=\"800\" height=\"2424\" \/><\/p>\n<p>Inside ForgeRock, once the end user submits the request, the identity provider takes over and authenticates the user.<\/p>\n<p>After successful authentication, ForgeRock generates a SAML assertion.<\/p>\n<p>I highlight this part because the assertion is nothing but XML-based statements that describe user profile information and the authentication level performed.<\/p>\n<p>When you test this flow inside ForgeRock, you actually see these XML statements being passed between systems.<\/p>\n<p>I often pause at this point to explain how ForgeRock forms the circle of trust.<\/p>\n<p>The moment the SAML assertion travels back to the service provider and the request gets validated, ForgeRock completes the trust loop.<\/p>\n<p>This is why we call it a circle of trust, because both the identity provider and service provider rely on each other through ForgeRock to maintain a secure authentication flow.[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=&#8221;1_3,1_3,1_3&#8243; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; background_color=&#8221;#064399&#8243; use_background_color_gradient=&#8221;on&#8221; background_color_gradient_start=&#8221;#0095f2&#8243; background_color_gradient_end=&#8221;#7dbed8&#8243; background_color_gradient_direction=&#8221;92deg&#8221; background_color_gradient_start_position=&#8221;35%&#8221; background_color_gradient_end_position=&#8221;80%&#8221; transform_scale=&#8221;73%|62%&#8221; transform_scale_linked=&#8221;off&#8221; transform_translate=&#8221;-53px|-50px&#8221; transform_translate_linked=&#8221;off&#8221; link_option_url=&#8221;https:\/\/cloudfoundation.com\/&#8221; link_option_url_new_window=&#8221;on&#8221;][et_pb_column type=&#8221;1_3&#8243; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221;][et_pb_image src=&#8221;https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2023\/06\/SS_436-_Converted_-1.png&#8221; title_text=&#8221;SS_436 _Converted_ 1&#8243; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; transform_scale=&#8221;114%|112%&#8221; transform_scale_linked=&#8221;off&#8221; transform_translate=&#8221;25px|-4px&#8221; transform_translate_linked=&#8221;off&#8221; width=&#8221;98.1%&#8221; custom_margin=&#8221;|7px|||false|false&#8221;][\/et_pb_image][\/et_pb_column][et_pb_column type=&#8221;1_3&#8243; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221;][et_pb_text _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; text_font=&#8221;Georgia|700|||||||&#8221; text_font_size=&#8221;23px&#8221; text_line_height=&#8221;1.3em&#8221; header_font=&#8221;Georgia|700|||||||&#8221; header_font_size=&#8221;21px&#8221; header_letter_spacing=&#8221;-1px&#8221; header_line_height=&#8221;2em&#8221; transform_scale=&#8221;171%|159%&#8221; transform_scale_linked=&#8221;off&#8221; transform_translate=&#8221;40px|44px&#8221; transform_translate_linked=&#8221;off&#8221; transform_origin=&#8221;70%|50%&#8221; z_index=&#8221;-161&#8243; width=&#8221;100%&#8221; custom_margin=&#8221;|-215px||||&#8221; custom_padding=&#8221;|0px||||&#8221; link_option_url=&#8221;https:\/\/cloudfoundation.com\/sap-global-trade-services-course\/&#8221;]<\/p>\n<h1 style=\"text-align: center;\"><span style=\"color: #ffffff;\">ForgeRock Training<\/span><\/h1>\n<p>[\/et_pb_text][et_pb_button button_url=&#8221;https:\/\/cloudfoundation.com\/sap-global-trade-services-course\/&#8221; url_new_window=&#8221;on&#8221; button_text=&#8221;Explore Course Content&#8221; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; custom_button=&#8221;on&#8221; button_text_color=&#8221;#0C71C3&#8243; button_bg_color=&#8221;#FFFFFF&#8221; button_font=&#8221;|700|||||||&#8221; transform_translate=&#8221;64px|65px&#8221; transform_translate_linked=&#8221;off&#8221;][\/et_pb_button][\/et_pb_column][et_pb_column type=&#8221;1_3&#8243; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221;][et_pb_image src=&#8221;https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2019\/06\/logo_resize_color.png&#8221; title_text=&#8221;logo_resize_color&#8221; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; transform_translate=&#8221;-36px|0px&#8221; transform_translate_linked=&#8221;off&#8221; custom_margin=&#8221;|||178px||&#8221;][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.9.7&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.25&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text _builder_version=&#8221;4.9.7&#8243; text_font=&#8221;Georgia||||||||&#8221; text_text_color=&#8221;#000000&#8243; text_font_size=&#8221;22px&#8221; text_line_height=&#8221;1.9em&#8221; header_2_font=&#8221;|700|||||||&#8221; header_2_font_size=&#8221;31px&#8221; max_width=&#8221;800px&#8221; max_width_last_edited=&#8221;off|phone&#8221; custom_margin=&#8221;|||10%&#8221; custom_margin_last_edited=&#8221;off|desktop&#8221; text_font_size_tablet=&#8221;&#8221; text_font_size_phone=&#8221;&#8221; text_font_size_last_edited=&#8221;on|phone&#8221; text_line_height_last_edited=&#8221;off|phone&#8221;]<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Setting_Up_ForgeRock_for_Identity_Providers_and_Service_Providers\"><\/span>Setting Up ForgeRock for Identity Providers and Service Providers<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>ForgeRock allows multiple identity providers and multiple service providers, and you can structure them exactly the way your environment demands.<\/p>\n<p>I can set up a ForgeRock identity provider for internal needs and another for external organizational access.<\/p>\n<p>While working inside the Federation section of ForgeRock, you\u2019ll notice that the platform refers to these components as federated identities.<\/p>\n<p>ForgeRock supports cross-domain single sign-on, allowing you to authenticate users across internal and external applications with a single identity.<\/p>\n<p>This is one reason I emphasize ForgeRock when teaching modern IAM systems.<\/p>\n<p>Inside the ForgeRock interface, I create entity providers by assigning an entity ID and choosing whether it should function as an identity provider or a service provider.<\/p>\n<p>ForgeRock gives you complete control over naming, aliasing, and configuring metadata.<\/p>\n<p>This flexibility helps learners understand how ForgeRock organizes authentication components behind the scenes.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Building_the_Circle_of_Trust_in_ForgeRock\"><\/span>Building the Circle of Trust in ForgeRock<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The circle of trust configuration in ForgeRock, I start by creating both an identity provider and a service provider.<\/p>\n<p>Once both pieces exist, ForgeRock lets me link them inside a single circle of trust.<\/p>\n<p>I give the circle a name, activate it, and then ForgeRock treats it as a formal trust relationship between systems.<\/p>\n<p>Inside ForgeRock, the circle of trust contains the list of identity providers and service providers that communicate with one another.<\/p>\n<p><img decoding=\"async\" class=\"size-medium aligncenter\" src=\"https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2025\/12\/ForgeRock-Identity-Setup.png\" alt=\"\" width=\"800\" height=\"2298\" \/><\/p>\n<p>As soon as I add the ForgeRock identity provider and the ForgeRock service provider to the circle, the trust relationship becomes live.<\/p>\n<p>These meta-aliases become important when we run a live SAML test.<\/p>\n<p>ForgeRock uses them to route requests correctly, ensuring that authentication requests land at the right endpoint.<\/p>\n<p>When learners see how easily ForgeRock links these components, they understand why ForgeRock is widely used in real-world IAM projects.<\/p>\n<p>The system handles identity federation, SAML assertions, and trust relationships with clarity, and that\u2019s why I rely on ForgeRock in most of my training sessions.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Exploring_Real-World_ForgeRock_Configuration_Behavior\"><\/span>Exploring Real-World ForgeRock Configuration Behavior<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>In ForgeRock, even a simple change like modifying an alias affects how the system interprets authentication requests.<\/p>\n<p>What I enjoy highlighting the most is how ForgeRock allows you to recreate real enterprise scenarios.<\/p>\n<p>You can create a ForgeRock identity provider for your organization, build a ForgeRock service provider for third-party apps, and then place everything inside a single ForgeRock circle of trust.<\/p>\n<p>This hands-on structure helps everyone understand the full SAML journey.<\/p>\n<p>Every time I explain these steps, I make sure learners experience how ForgeRock validates assertions, manages metadata exchange, and enforces federated identity rules.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ForgeRock_SAML_Flow_for_End_Users\"><\/span>ForgeRock SAML Flow for End Users<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>When I explain SAML flow in ForgeRock, I always start with the end user.<\/p>\n<p>The end user is the subject who tries to access an application through a browser.<\/p>\n<p>From the browser, the user hits the URL, and that triggers the entire ForgeRock authentication process.<\/p>\n<p>In this flow, the identity provider manages the user authentication and issues the SAML assertions that ForgeRock relies on.<\/p>\n<p>As soon as the user makes the first attempt, the application redirects them to the identity provider.<\/p>\n<p>This redirect carries the SAML authentication request.<\/p>\n<p><img decoding=\"async\" class=\"size-medium aligncenter\" src=\"https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2025\/12\/ForgeRock-Authentication-Flow-2.png\" alt=\"\" width=\"800\" height=\"1996\" \/><\/p>\n<p>Once ForgeRock AM receives this request, ForgeRock authenticates the user and prepares the artifact ID along with the assertion in XML format.<\/p>\n<p>I often show this during testing so learners see exactly what the assertion looks like inside ForgeRock.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ForgeRock_Assertion_Creation_and_Artifact_ID_Handling\"><\/span><strong>ForgeRock Assertion Creation and Artifact ID Handling<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>After ForgeRock verifies the user, it sends back the artifact ID.<\/p>\n<p>This artifact ID contains the assertion, and the user\u2019s browser redirects again, carrying this information to the service provider.<\/p>\n<p>The service provider receives the ForgeRock artifact ID and immediately checks whether the identity provider actually issued it.<\/p>\n<p>ForgeRock validates the session by confirming the artifact ID, making sure the assertion genuinely comes from the right identity provider.<\/p>\n<p>When the artifact ID is validated, the service provider authorizes the user.<\/p>\n<p>At this point, the user can finally access the application.<\/p>\n<p>All this back-and-forth communication between the service provider and ForgeRock happens behind the scenes, so the user only sees a smooth login experience.<\/p>\n<p><strong>\u00a0<\/strong>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=&#8221;1_3,1_3,1_3&#8243; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; background_color=&#8221;#064399&#8243; use_background_color_gradient=&#8221;on&#8221; background_color_gradient_start=&#8221;#ff8c7c&#8221; background_color_gradient_end=&#8221;#e5ba4e&#8221; background_color_gradient_type=&#8221;radial&#8221; background_color_gradient_direction_radial=&#8221;top left&#8221; background_color_gradient_start_position=&#8221;35%&#8221; background_color_gradient_end_position=&#8221;80%&#8221; transform_scale=&#8221;74%|69%&#8221; transform_scale_linked=&#8221;off&#8221; transform_translate=&#8221;-53px|-50px&#8221; transform_translate_linked=&#8221;off&#8221; custom_margin=&#8221;||-5px||false|false&#8221; custom_padding=&#8221;|||2px|false|false&#8221; link_option_url=&#8221;https:\/\/cloudfoundation.com&#8221; link_option_url_new_window=&#8221;on&#8221;][et_pb_column type=&#8221;1_3&#8243; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221;][et_pb_image src=&#8221;https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2023\/06\/8423118_3895895.png&#8221; title_text=&#8221;8423118_3895895&#8243; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; width=&#8221;85.4%&#8221; custom_margin=&#8221;-31px||-24px||false|false&#8221; custom_padding=&#8221;|22px|0px||false|false&#8221;][\/et_pb_image][\/et_pb_column][et_pb_column type=&#8221;1_3&#8243; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221;][et_pb_text _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; text_font=&#8221;Georgia|700|||||||&#8221; text_font_size=&#8221;23px&#8221; text_line_height=&#8221;1.3em&#8221; header_font=&#8221;Georgia|700|||||||&#8221; header_font_size=&#8221;19px&#8221; header_letter_spacing=&#8221;-1px&#8221; header_line_height=&#8221;1.2em&#8221; transform_scale=&#8221;171%|159%&#8221; transform_scale_linked=&#8221;off&#8221; transform_translate=&#8221;40px|44px&#8221; transform_translate_linked=&#8221;off&#8221; transform_origin=&#8221;70%|50%&#8221; z_index=&#8221;-161&#8243; width=&#8221;100%&#8221; custom_margin=&#8221;|-215px||||&#8221; custom_padding=&#8221;|0px||||&#8221; link_option_url=&#8221;https:\/\/cloudfoundation.com\/sap-global-trade-services-course\/&#8221;]<\/p>\n<h1 style=\"text-align: center;\"><span style=\"color: #000000;\">ForgeRock Online Training<\/span><\/h1>\n<p>[\/et_pb_text][et_pb_button button_url=&#8221;https:\/\/cloudfoundation.com\/sap-global-trade-services-course\/&#8221; url_new_window=&#8221;on&#8221; button_text=&#8221;Up Coming Batches&#8221; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; custom_button=&#8221;on&#8221; button_text_color=&#8221;#E09900&#8243; button_bg_color=&#8221;#FFFFFF&#8221; button_font=&#8221;|700|||||||&#8221; transform_translate=&#8221;64px|65px&#8221; transform_translate_linked=&#8221;off&#8221; background_layout=&#8221;dark&#8221;][\/et_pb_button][\/et_pb_column][et_pb_column type=&#8221;1_3&#8243; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221;][et_pb_image src=&#8221;https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2019\/06\/logo_resize_color.png&#8221; title_text=&#8221;logo_resize_color&#8221; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; transform_translate=&#8221;-36px|0px&#8221; transform_translate_linked=&#8221;off&#8221; custom_margin=&#8221;|||178px||&#8221;][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.9.7&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.25&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text _builder_version=&#8221;4.9.7&#8243; text_font=&#8221;Georgia||||||||&#8221; text_text_color=&#8221;#000000&#8243; text_font_size=&#8221;22px&#8221; text_line_height=&#8221;1.9em&#8221; header_2_font=&#8221;|700|||||||&#8221; header_2_font_size=&#8221;31px&#8221; max_width=&#8221;800px&#8221; max_width_last_edited=&#8221;off|phone&#8221; custom_margin=&#8221;|||10%&#8221; custom_margin_last_edited=&#8221;off|desktop&#8221; text_font_size_tablet=&#8221;&#8221; text_font_size_phone=&#8221;&#8221; text_font_size_last_edited=&#8221;on|phone&#8221; text_line_height_last_edited=&#8221;off|phone&#8221;]<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ForgeRock_Signing_Encryption_and_Algorithms\"><\/span>ForgeRock Signing, Encryption, and Algorithms<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>ForgeRock provides multiple options to sign and encrypt requests and responses.<\/p>\n<p>Clients sometimes require the authentication request to be signed with a specific certificate.<\/p>\n<p>In those scenarios, I show how to configure ForgeRock AM to sign the SAML request using the certificate provided by the client.<\/p>\n<p>The ForgeRock assertion can also be signed before it is shared with the service provider.<\/p>\n<p>These settings are optional, but many projects use them for enhanced security.<\/p>\n<p><img decoding=\"async\" class=\"size-medium aligncenter\" src=\"https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2025\/12\/ForgeRock-Assertion-Handling.png\" alt=\"\" width=\"800\" height=\"2424\" \/><\/p>\n<p>ForgeRock also supports encryption for attributes or the full assertion, along with several algorithm options.<\/p>\n<p>SHA-256 is the most common algorithm I use during demonstrations because many clients prefer it.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ForgeRock_Authentication_Basics_Explained\"><\/span>ForgeRock Authentication Basics Explained<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>As we explore different authentication contexts, I explain how Kerberos works in Windows SSO and how similar ideas appear when we configure ForgeRock for enterprise login flows.<\/p>\n<p>When you sign in to your computer and automatically access multiple applications, that seamless movement resembles what we later design using ForgeRock authentication journeys.<\/p>\n<p>In ForgeRock, I show you how basic authentication works when you rely on a direct username-password check.<\/p>\n<p>You can enable it or keep the default settings, depending on your project.<\/p>\n<p>When we pair ForgeRock with different authentication modules, we shape exactly how the user\u2019s identity moves through the flow.<\/p>\n<p>This becomes even more important when we start mapping assertions from external identity providers.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ForgeRock_Assertion_Mapping_in_Practice\"><\/span>ForgeRock Assertion Mapping in Practice<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>When you work with ForgeRock, understanding these fields helps you troubleshoot issues that appear during federation setup.<\/p>\n<p><img decoding=\"async\" class=\"size-medium aligncenter\" src=\"https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2025\/12\/ForgeRock-Authentication-Basics.png\" alt=\"\" width=\"800\" height=\"2714\" \/><\/p>\n<p>I often show a sample SAML response so you can see how the identity provider sends information to the service provider.<\/p>\n<p>When we bring ForgeRock into the picture, you learn how the platform consumes the name ID, sometimes an email, sometimes a User ID.<\/p>\n<p>You\u2019ll also see how ForgeRock uses the account mapper and the auto-federation key to match incoming identities with internal accounts.[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=&#8221;1_3,1_3,1_3&#8243; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; background_color=&#8221;#064399&#8243; use_background_color_gradient=&#8221;on&#8221; background_color_gradient_start=&#8221;#494fff&#8221; background_color_gradient_end=&#8221;#9ea6ff&#8221; background_color_gradient_type=&#8221;radial&#8221; background_color_gradient_direction_radial=&#8221;top left&#8221; background_color_gradient_start_position=&#8221;35%&#8221; background_color_gradient_end_position=&#8221;80%&#8221; transform_scale=&#8221;74%|71%&#8221; transform_scale_linked=&#8221;off&#8221; transform_translate=&#8221;-53px|-50px&#8221; transform_translate_linked=&#8221;off&#8221; link_option_url=&#8221;https:\/\/cloudfoundation.com\/blog\/&#8221; link_option_url_new_window=&#8221;on&#8221;][et_pb_column type=&#8221;1_3&#8243; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221;][et_pb_image src=&#8221;https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2023\/06\/Untitled-11.png&#8221; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; transform_scale=&#8221;103%|103%&#8221; transform_scale_linked=&#8221;off&#8221; transform_translate=&#8221;11px|0px&#8221; transform_translate_linked=&#8221;off&#8221; custom_padding=&#8221;|88px||||&#8221;][\/et_pb_image][\/et_pb_column][et_pb_column type=&#8221;1_3&#8243; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221;][et_pb_text _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; text_font=&#8221;Georgia|700|||||||&#8221; text_text_color=&#8221;#FFFFFF&#8221; text_font_size=&#8221;23px&#8221; text_line_height=&#8221;1.3em&#8221; header_font=&#8221;Georgia|700|||||||&#8221; header_font_size=&#8221;19px&#8221; header_letter_spacing=&#8221;-1px&#8221; header_line_height=&#8221;1.2em&#8221; transform_scale=&#8221;171%|159%&#8221; transform_scale_linked=&#8221;off&#8221; transform_translate=&#8221;40px|44px&#8221; transform_translate_linked=&#8221;off&#8221; transform_origin=&#8221;70%|50%&#8221; z_index=&#8221;-161&#8243; width=&#8221;100%&#8221; custom_margin=&#8221;|-215px||||&#8221; custom_padding=&#8221;|0px||||&#8221; link_option_url=&#8221;https:\/\/cloudfoundation.com\/blog\/&#8221; link_option_url_new_window=&#8221;on&#8221;]<\/p>\n<h1 style=\"text-align: center;\"><span style=\"color: #ffffff;\"><strong>ForgeRock Course Price<\/strong><\/span><\/h1>\n<p>[\/et_pb_text][et_pb_button button_url=&#8221;https:\/\/cloudfoundation.com\/blog\/&#8221; url_new_window=&#8221;on&#8221; button_text=&#8221;Offer Price&#8221; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; custom_button=&#8221;on&#8221; button_text_color=&#8221;#0C71C3&#8243; button_bg_color=&#8221;#FFFFFF&#8221; button_font=&#8221;|700|||||||&#8221; transform_translate=&#8221;64px|65px&#8221; transform_translate_linked=&#8221;off&#8221;][\/et_pb_button][\/et_pb_column][et_pb_column type=&#8221;1_3&#8243; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221;][et_pb_image src=&#8221;https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2019\/06\/logo_resize_color.png&#8221; url=&#8221;https:\/\/cloudfoundation.com\/blog\/&#8221; url_new_window=&#8221;on&#8221; _builder_version=&#8221;4.9.7&#8243; _module_preset=&#8221;default&#8221; transform_translate=&#8221;-36px|0px&#8221; transform_translate_linked=&#8221;off&#8221; custom_margin=&#8221;|||178px||&#8221;][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.9.7&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.25&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_team_member name=&#8221;Nishitha&#8221; position=&#8221;Author&#8221; image_url=&#8221;https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2026\/01\/Nishitha.png&#8221; _builder_version=&#8221;4.9.7&#8243; header_level=&#8221;h5&#8243; header_font=&#8221;Titillium Web|700|||||||&#8221; body_font=&#8221;Titillium Web||||||||&#8221; body_font_size=&#8221;16&#8243;]<\/p>\n<p>A mind once stretched by a new idea never returns to its original dimensions.<\/p>\n<p>[\/et_pb_team_member][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[et_pb_section fb_built=&#8221;1&#8243; _builder_version=&#8221;4.9.7&#8243;][et_pb_row _builder_version=&#8221;4.9.7&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.25&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_post_title meta=&#8221;off&#8221; featured_image=&#8221;off&#8221; _builder_version=&#8221;4.9.7&#8243; title_font=&#8221;Times New Roman||||||||&#8221; title_text_align=&#8221;left&#8221; title_text_color=&#8221;#000000&#8243; title_font_size=&#8221;47&#8243; background_color=&#8221;RGBA(0,0,0,0)&#8221; background_enable_image=&#8221;off&#8221; custom_margin=&#8221;|||10%&#8221; title_font_size_tablet=&#8221;40&#8243; title_font_size_phone=&#8221;35&#8243; title_font_size_last_edited=&#8221;on|desktop&#8221;][\/et_pb_post_title][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.9.7&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.25&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text _builder_version=&#8221;4.9.7&#8243; text_font=&#8221;Georgia||||||||&#8221; text_text_color=&#8221;#000000&#8243; text_font_size=&#8221;22px&#8221; text_line_height=&#8221;1.9em&#8221; header_2_font=&#8221;|700|||||||&#8221; header_2_font_size=&#8221;31px&#8221; max_width=&#8221;800px&#8221; max_width_last_edited=&#8221;off|phone&#8221; custom_margin=&#8221;|||10%&#8221; custom_margin_last_edited=&#8221;off|desktop&#8221; text_font_size_tablet=&#8221;&#8221; text_font_size_phone=&#8221;&#8221; text_font_size_last_edited=&#8221;on|phone&#8221; text_line_height_last_edited=&#8221;off|phone&#8221;] ForgeRock and IDP-Initiated vs SP-Initiated Flow [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":107262,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"2880","footnotes":""},"categories":[228],"tags":[],"class_list":{"0":"post-107261","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-forgerock"},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>ForgeRock SAML Authentication Training<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ForgeRock SAML Authentication Training\" \/>\n<meta property=\"og:description\" content=\"[et_pb_section fb_built=&#8221;1&#8243; _builder_version=&#8221;4.9.7&#8243;][et_pb_row _builder_version=&#8221;4.9.7&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.25&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_post_title meta=&#8221;off&#8221; featured_image=&#8221;off&#8221; _builder_version=&#8221;4.9.7&#8243; title_font=&#8221;Times New Roman||||||||&#8221; title_text_align=&#8221;left&#8221; title_text_color=&#8221;#000000&#8243; title_font_size=&#8221;47&#8243; background_color=&#8221;RGBA(0,0,0,0)&#8221; background_enable_image=&#8221;off&#8221; custom_margin=&#8221;|||10%&#8221; title_font_size_tablet=&#8221;40&#8243; title_font_size_phone=&#8221;35&#8243; title_font_size_last_edited=&#8221;on|desktop&#8221;][\/et_pb_post_title][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.9.7&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.25&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text _builder_version=&#8221;4.9.7&#8243; text_font=&#8221;Georgia||||||||&#8221; text_text_color=&#8221;#000000&#8243; text_font_size=&#8221;22px&#8221; text_line_height=&#8221;1.9em&#8221; header_2_font=&#8221;|700|||||||&#8221; header_2_font_size=&#8221;31px&#8221; max_width=&#8221;800px&#8221; max_width_last_edited=&#8221;off|phone&#8221; custom_margin=&#8221;|||10%&#8221; custom_margin_last_edited=&#8221;off|desktop&#8221; text_font_size_tablet=&#8221;&#8221; text_font_size_phone=&#8221;&#8221; text_font_size_last_edited=&#8221;on|phone&#8221; text_line_height_last_edited=&#8221;off|phone&#8221;] ForgeRock and IDP-Initiated vs SP-Initiated Flow [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/\" \/>\n<meta property=\"og:site_name\" content=\"CloudFoundation | Blog\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-11T07:46:22+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-19T11:57:05+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2025\/12\/forgerock-SAML.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"500\" \/>\n\t<meta property=\"og:image:height\" content=\"500\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"NAGENDRAG\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"NAGENDRAG\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"ForgeRock SAML Authentication Training","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/","og_locale":"en_US","og_type":"article","og_title":"ForgeRock SAML Authentication Training","og_description":"[et_pb_section fb_built=&#8221;1&#8243; _builder_version=&#8221;4.9.7&#8243;][et_pb_row _builder_version=&#8221;4.9.7&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.25&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_post_title meta=&#8221;off&#8221; featured_image=&#8221;off&#8221; _builder_version=&#8221;4.9.7&#8243; title_font=&#8221;Times New Roman||||||||&#8221; title_text_align=&#8221;left&#8221; title_text_color=&#8221;#000000&#8243; title_font_size=&#8221;47&#8243; background_color=&#8221;RGBA(0,0,0,0)&#8221; background_enable_image=&#8221;off&#8221; custom_margin=&#8221;|||10%&#8221; title_font_size_tablet=&#8221;40&#8243; title_font_size_phone=&#8221;35&#8243; title_font_size_last_edited=&#8221;on|desktop&#8221;][\/et_pb_post_title][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.9.7&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;3.25&#8243; custom_padding=&#8221;|||&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text _builder_version=&#8221;4.9.7&#8243; text_font=&#8221;Georgia||||||||&#8221; text_text_color=&#8221;#000000&#8243; text_font_size=&#8221;22px&#8221; text_line_height=&#8221;1.9em&#8221; header_2_font=&#8221;|700|||||||&#8221; header_2_font_size=&#8221;31px&#8221; max_width=&#8221;800px&#8221; max_width_last_edited=&#8221;off|phone&#8221; custom_margin=&#8221;|||10%&#8221; custom_margin_last_edited=&#8221;off|desktop&#8221; text_font_size_tablet=&#8221;&#8221; text_font_size_phone=&#8221;&#8221; text_font_size_last_edited=&#8221;on|phone&#8221; text_line_height_last_edited=&#8221;off|phone&#8221;] ForgeRock and IDP-Initiated vs SP-Initiated Flow [&hellip;]","og_url":"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/","og_site_name":"CloudFoundation | Blog","article_published_time":"2025-12-11T07:46:22+00:00","article_modified_time":"2026-01-19T11:57:05+00:00","og_image":[{"width":500,"height":500,"url":"http:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2025\/12\/forgerock-SAML.jpg","type":"image\/jpeg"}],"author":"NAGENDRAG","twitter_card":"summary_large_image","twitter_misc":{"Written by":"NAGENDRAG","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/","url":"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/","name":"ForgeRock SAML Authentication Training","isPartOf":{"@id":"https:\/\/cloudfoundation.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#primaryimage"},"image":{"@id":"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#primaryimage"},"thumbnailUrl":"https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2025\/12\/forgerock-SAML.jpg","datePublished":"2025-12-11T07:46:22+00:00","dateModified":"2026-01-19T11:57:05+00:00","author":{"@id":"https:\/\/cloudfoundation.com\/blog\/#\/schema\/person\/df6c7eba98f1bb15f2a100a9958266e4"},"breadcrumb":{"@id":"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#primaryimage","url":"https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2025\/12\/forgerock-SAML.jpg","contentUrl":"https:\/\/cloudfoundation.com\/blog\/wp-content\/uploads\/2025\/12\/forgerock-SAML.jpg","width":500,"height":500},{"@type":"BreadcrumbList","@id":"https:\/\/cloudfoundation.com\/blog\/forgerock-saml-authentication-training\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cloudfoundation.com\/blog\/"},{"@type":"ListItem","position":2,"name":"ForgeRock SAML Authentication Training"}]},{"@type":"WebSite","@id":"https:\/\/cloudfoundation.com\/blog\/#website","url":"https:\/\/cloudfoundation.com\/blog\/","name":"CloudFoundation | Blog","description":"A New way of Learning","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cloudfoundation.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/cloudfoundation.com\/blog\/#\/schema\/person\/df6c7eba98f1bb15f2a100a9958266e4","name":"NAGENDRAG","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cloudfoundation.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/09e08ba1102807a876f2c00245d6b955f0a9f027b40c181e9cee0cd2d927f84a?s=96&d=wavatar&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/09e08ba1102807a876f2c00245d6b955f0a9f027b40c181e9cee0cd2d927f84a?s=96&d=wavatar&r=g","caption":"NAGENDRAG"},"url":"https:\/\/cloudfoundation.com\/blog\/author\/nagendrag\/"}]}},"_links":{"self":[{"href":"https:\/\/cloudfoundation.com\/blog\/wp-json\/wp\/v2\/posts\/107261","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudfoundation.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudfoundation.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudfoundation.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudfoundation.com\/blog\/wp-json\/wp\/v2\/comments?post=107261"}],"version-history":[{"count":8,"href":"https:\/\/cloudfoundation.com\/blog\/wp-json\/wp\/v2\/posts\/107261\/revisions"}],"predecessor-version":[{"id":108160,"href":"https:\/\/cloudfoundation.com\/blog\/wp-json\/wp\/v2\/posts\/107261\/revisions\/108160"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudfoundation.com\/blog\/wp-json\/wp\/v2\/media\/107262"}],"wp:attachment":[{"href":"https:\/\/cloudfoundation.com\/blog\/wp-json\/wp\/v2\/media?parent=107261"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudfoundation.com\/blog\/wp-json\/wp\/v2\/categories?post=107261"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudfoundation.com\/blog\/wp-json\/wp\/v2\/tags?post=107261"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}