1. Great article.

    In the SP-initiated flow which public/private keys must be exchanged beforehand, at configuration time, between the IdP and the SP ?
    That is, which keys must be present on the IdP side and which keys must be present on the SP side ?

    Kr

    • First and foremost, most important point to remember, private keys are never exchanged. Only public keys are exchanged.
      The public keys corresponding to the SP and IdP private keys respectively are exchanged. SP’s public key is configured in IdP while IdP’s public key is configured in SP.

Leave a Reply

Your email address will not be published.