...
  • Product
    Features

    Take a look at our full features list and description.

    Security

    We are committed to privacy and security at every level.

  • Use Cases
    Planning

    Transform your ideas into clear and effective plans.

    Management

    Take control of your processes and discover new insights.

    Writing

    Easily build your documentation directly from your process flows.

  • ProFrameworks
  • Pricing
  • Resources
    Knowledge Base

    Our latest documentation with articles by category and topic.

    Templates

    Browse our ready-made templates to get started quickly.

    Blog & News

    We post routinely with news, announcements and blog articles.

    Contact Support

    Do you have an issue? Want to request a feature, or report a bug?

  • Log In
  • Try for Free
Blog & News SAML, Security, TeamFlow, and You

SAML, Security, TeamFlow, and You

Sep 28, 2022 | By Terry Alortott

SAML, Security, TeamFlow, and You

Security for a company can be daunting. Especially today, where most transactions are online or through services rather than products. With this consistent uptrend in digital markets, it’s often assumed that your sign-in and transactions are secure. But, security isn’t as simple as waving a magic wand. It takes some “know-how” and some skill to make sure your company is on the right security track. To help with some of this we’re going to take a look at some core concepts of security. Such as SAML security, and how to visualize the security itself within TeamFlow to better understand it.

Security Illustration

Let’s start off by asking “What is SAML?” SAML stands for “Security Assertion Markup Language”. SAML is written in XML format for transferring data.

Note: XML or “Extensible Markup Language” is a standardized format of data reaching back to 1996. XML is how SAML is formatted and written. Before XML each protocol had its own way to transfer data. But it became a bit of a headache. Using XML as the standard works fine because XML is lightweight, easy to read, and is predictable. XML also formats its data into stanzas. Sort of like a poem so it’s simple for us to interpret info coming to us and being sent out.

When SAML sends its data between two systems, what it’s looking to do is provide a base of an Identity Provider or (IdP) and a Service Provider (SP). When these two shake hands, they’ll let you into an application. Or they will sign up on a website using your emails. So let’s take a look at how this process happens and how it looks when visualized in a process flow.

Note: There is one more party when it comes to SAML. And that’s what is referred to as the “principle.” This is almost always you – the human subject – but for simplicity stick to the (IdP) and the (SP).

With SAML, you’ll be able to access many sign-ins with a single credential because of how the SAML is authorized. For now let’s take a look at how SAML works in a real setting. Let’s make up a situation in which SAML is used. Let’s talk about the user “Gandalf.”

Gandalf checks his email

Gandalf wakes up in the morning and the first thing he does is sign into his MiddleEarthMail.com. This is a good thing because MiddleEarthMail.com is an SSO or (Single Sign-On). This means that once Gandalf puts his login credentials into his email the system will verify he’s already signed in. So even if he exits out of the email tab in his browser, he can open it back up again and he’s still connected.

Gandalf is also planning a little adventure. So he wants to sign up for Trello to plan his “workcation.” Instead of making a new username and password, Gandalf can use SAML to sign in using his MiddleEarthMail account. No new passwords needed and no new confirmation emails. He simply logs in because Trello was able to send a request to Gandalf’s Identity Provider.

MiddleEarthMail receives the request based on user tags. Then it sends authentication and authorization messages back to the Service Provider, Trello. All this happens in the matter of milliseconds, with no fuss or worry.

Gandalf is able to login to Trello and start forming his team by sending eight emails out to join the new Trello board.

SAML is a great way to streamline your logins. It provides less friction for new users, while providing security to your site and your users. Security is one of those fields that the more you get into it the more complex it can be. TeamFlow helps with that by giving you visualizations to understand complexity. As we’ve seen, we are able to import/export, create, edit, and share all kinds of security information. Such as Standard Operating Procedures (SOPs) and process models of our security workflows related to user logins.

(Click to drag the diagram to view all of the steps in the plan.)

Each graph is going to be unique to what you need. But with these blog posts we can help give you an idea of how other people make their workflows and pipelines. With a few simple clicks, TeamFlow was able to produce a detailed onboarding process flow. This also becomes our source-of-truth, so we can add more as our needs change and update our docs in real-time.

If you have any suggestions or feedback on this article, please drop us a line. As always, thank you for reading and we hope you check back soon for more helpful guides on compliance and other industry topics. To get notifications on when we post our next article, please follow us on Twitter and LinkedIn.

Follow us for more updates

  • ...
  • pinterest
  • linkedin
  • youtube

Recent Posts

  • SAML, Security, TeamFlow, and You
  • How to Do Onboarding
  • How Do Governments Plan for Flooding?
  • Case Study: Santa Process Improvement
  • Who's Coming to Dinner?
  • How to Start a Business
  • How to Write a Training Manual
  • How to Become HIPAA Compliant
  • Upcoming Topics
  • Welcome to Our Blog

Disclaimers

The information included within this blog is not intended to be legal advice and may not be used as legal advice. We make efforts to ensure all information provided is up-to-date. These resources are not intended to be full and exhaustive explanations of the law in any area. They should not be used to replace the advice of legal counsel.

Ready to get started?

Sign up today and See How Work Happens™

Start a Diagram
...®

See How Work Happens.TM

  • ...
  • pinterest
  • linkedin
  • youtube
Product
  • Features
  • Security & Privacy
  • Pricing
  • Release Notes
Use Cases
  • Planning
  • Management
  • Writing
Support & Learn
  • Knowledge Base
  • Blog / News
  • Contact Support
  • Templates
  • Integrations
  • Professional Services
Legal
  • Privacy Policy
  • Cookie Policy
  • Terms of Use
©2022 All Rights Reserved. TeamFlow® is a registered trademark. All rights reserved.
TeamFlow® Classic user? Please contact us at hello@teamflow.com.