Security Guide > Single Sign-on for Informatica Web Applications > SAML-based Single Sign-on Authentication Process
  

SAML-based Single Sign-on Authentication Process

Informatica web applications and Active Directory Federation Services exchange authentication and authorization information to enable single sign-on in an Informatica domain
The following steps describe the basic SAML-based single sign-on authentication flow:
  1. 1. A user logs into an Informatica web application.
  2. 2. The application sends a SAML authentication request to AD FS.
  3. 3. AD FS authenticates the user's credentials against the user account information in the LDAP or Active Directory identity store.
  4. 4. AD FS creates a session for the user and sends a SAML assertion token containing security-related information about the user to the web application.
  5. 5. The application validates the assertion.