Single Sign-On Terms

Assertion Consumer URL

The location where the claims will be sent after authentication, this will contain a unique identifier for the instance in question. TechSmith provides this to the customer.



A claim is a statement that one subject makes about itself or another subject. The statement can be about a name, identity, key, group, privilege, or capability, for example.
The claim types can vary, depending on what system you are using, it could be a xmlsoap schema, a defined name, or a urn:oid format, or just about anything else.  


Claim Type

The type of statement in the claim. Examples of claim types include first name, role, and email address. The claim type provides context for the claim value, and it is usually expressed as a Uniform Resource Identifier (URI). For example, the email address claim type may be represented as

Identity Provider (IdP)


Also known as Identity Assertion Provider, can: provide identifiers for users looking to interact with a system. assert to such a system that such an identifier presented by a user is known to the provider.
Examples: shibboleth, ADFS, CAS, Oracle Access Manager (OAM), OneLogin, Azure Active Directory, etc.

Security Assertion Markup Language (SAML) 


The protocol which is used for communication of authentication and authorization.
The WebSSO protocol that is defined in the SAML 2.0 Core specification. The SAML protocol specifies how to use HTTP web browser redirects to exchange assertions data. SAML is used to authenticate and authorize users across secure boundaries.


SAML Issuer (Issuer)

This is the location the SAML request comes from (e.g.

SAML Response


The contents of the data being sent back to the Assertion Consumer URL. This contains information about the certificate, the claims being sent, and more. Typically it's encrypted, but still contains valuable information for the troubleshooting process.


Service Provider (SP)

A Service Provider (SP) is an entity that provides Web Services (e.g. TechSmith)

Single Sign-On (SSO)


Process enabling access to multiple web sites without need to repeatedly present credentials necessary for authentication. Various federation protocols such as SAML, WS-Federation, OpenID or OAuth can be used to achieve SSO use-cases. Information such as means of authentication, user attributes, authorization decisions or security tokens are typically provided to the service provider as part of single sign-on.


Single Logout (SLO)

Process terminating authenticated sessions at all resources which were accessed using single sign-on. Techniques such as redirecting user to each of the SSO participants or sending a logout SOAP messages are typically used.