The end-user signs in to the identity provider's portal first and clicks an app icon to access the member hub.
- The user navigates to the
Identity Provider portal (i.e. myapps.microsoft.com for Azure or the OneLogin
portal).
Typically the user navigates directly to the portal, but then can also click a button on the hubs sign in page which redirects them there. For more information on configuring this button, see step 6 in Finalize and test member hubs single sign-on.
- The user clicks the service provider app icon in the service provider portal and signs in.
- The IdP sends the service provider a SAML assertion. The SAML assertion is an XML document that securely provides details about the user's identity and permissions, enabling the user to seamlessly access the application without repeated logins.