HTTP Status Codes for SAML Single Sign-on (SSO) | Cisco Exam 400-051

HTTP 302 Found

Question

In Security Assertion Markup Language (SAML) Single Sign-on (SSO), which HTTP status code does the service provider use to redirect the browser to the IdP for authentication?

Answers

Explanations

A. B. C. D. E.

E.

In Security Assertion Markup Language (SAML) Single Sign-on (SSO), when a user tries to access a service offered by a Service Provider (SP), the SP needs to ensure that the user is authenticated. To achieve this, the SP redirects the user to the Identity Provider (IdP), which is responsible for authentication.

The SP redirects the user's browser to the IdP's SAML SSO endpoint, passing along some data that identifies the user and the requested service. The HTTP status code used for this redirect depends on the requirements of the SAML implementation and the specific use case.

The most commonly used HTTP status code for this redirect is 302 Found, which tells the browser that the resource it requested is temporarily available at a different URL (here, the IdP's SAML SSO endpoint). The browser then automatically sends a new request to the URL given in the Location header of the HTTP response.

Other HTTP status codes that can be used for this redirect include:

  • 303 See Other: This indicates that the requested resource can be found at a different URL, and the browser should make a GET request to the new URL specified in the Location header.
  • 307 Temporary Redirect: This is similar to 302, but with the caveat that the browser should not change the request method (e.g., from POST to GET) when following the redirect.
  • 308 Permanent Redirect: This is similar to 302, but indicates that the redirect is permanent, and the browser should update its bookmarks or cached links accordingly.
  • 305 Use Proxy: This is an older HTTP status code that is rarely used anymore, but it can be used to indicate that the requested resource must be accessed through a proxy server.

In summary, the most commonly used HTTP status code for the redirect in SAML SSO is 302 Found, but other codes like 303, 307, and 308 may be used depending on the requirements of the SAML implementation and the specific use case. Therefore, in this question, the correct answer is E. 302.
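
As an added illustration (not part of the original explanation), the sketch below builds the 302 response an SP would send under the SAML HTTP-Redirect binding and decodes the Location header back into the AuthnRequest, which is how a captured redirect can be inspected. The IdP and SP URLs, the request ID and the RelayState value are constructed assumptions, and the request is unsigned.

```python
import base64
import zlib
from urllib.parse import urlencode, urlsplit, parse_qs

# Constructed example values (assumptions, not taken from the page).
IDP_SSO_URL = "https://idp.example.com/sso"
SP_ENTITY_ID = "https://sp.example.com/metadata"
ACS_URL = "https://sp.example.com/acs"


def build_authn_request(request_id, issue_instant):
    """Minimal, unsigned SAML 2.0 AuthnRequest for illustration."""
    return (
        '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
        f'ID="{request_id}" Version="2.0" IssueInstant="{issue_instant}" '
        f'Destination="{IDP_SSO_URL}" AssertionConsumerServiceURL="{ACS_URL}">'
        f'<saml:Issuer>{SP_ENTITY_ID}</saml:Issuer>'
        '</samlp:AuthnRequest>'
    )


def sp_redirect(xml, relay_state):
    """Return (status, headers) the SP sends to the browser."""
    # HTTP-Redirect binding: raw DEFLATE (no zlib header), base64, URL-encode.
    comp = zlib.compressobj(wbits=-15)
    deflated = comp.compress(xml.encode()) + comp.flush()
    query = urlencode({
        "SAMLRequest": base64.b64encode(deflated).decode(),
        "RelayState": relay_state,
    })
    return 302, {"Location": f"{IDP_SSO_URL}?{query}"}


def decode_redirect(location):
    """Recover the AuthnRequest XML and RelayState from a Location URL."""
    params = parse_qs(urlsplit(location).query)
    raw = base64.b64decode(params["SAMLRequest"][0])
    return zlib.decompress(raw, wbits=-15).decode(), params["RelayState"][0]


if __name__ == "__main__":
    xml = build_authn_request("_constructed-id-1", "2024-01-01T00:00:00Z")
    status, headers = sp_redirect(xml, "/app/reports")
    print(status, headers["Location"])
    print(decode_redirect(headers["Location"]))
```

Decoding shows that the redirect carries the SP's Issuer and AssertionConsumerServiceURL in the query string, so these values are visible in browser history and proxy logs.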