I'm trying to understand the basic flow of an IdP-initiated SSO from a developer's point of view. I am also trying to trace this flow from the sample application provided together with the .NET Integration Kit.
Based on this link: http://documentation.pingidentity.com/display/PF610/OpenToken+Adapter+Configuration
- The PingFederate SP server parses the SAML assertion and passes the user attributes to the OpenToken SP Adapter. The Adapter encrypts the data internally and generates an OpenToken.
Question: How does the PingFederate server parse the SAML assertion? Do I have to code it on the SP server, or will the setup of the PingFederate server do the parsing?
What I know for now is that I need to develop the part that parses the OpenToken that is returned by the PingFederate server.