---
originalPath: >-
  .tmp-workos-clone/packages/docs/content/sso/_sequence-diagrams/saml-protocol-security-considerations.md
---
# Diagrams for 'SAML Security Considerations'

Currently MermaidJS rendering is not supported in docs.workos.com, so to see the rendering you’ll need to view this file on the GitHub website (VS Code Markdown preview does not support rendering).
Alternatively you could paste the contents into [Mermaid's live editor](https://mermaid.live/) to see rendering.

In the WorkOS docs it is required to draw sequence diagrams in FigJam, you can use the Mermaid generated sequence diagram as a guide to copy from.

## SP to IdP flows (SP initiated)

```mermaid
%%{
  init: {
    "sequence": {
       "noteAlign": "left"
    }
  }
}%%

sequenceDiagram
    autonumber
    participant u as User Agent
    participant a as Your Application
    participant sp as WorkOS

    u -->> a: Begin login flow
    a ->> u: redirect to WorkOS
    u ->> sp:
    sp -->> sp: create SAML AuthN Request
    note right of sp: Optional: <br><br> 1. Sign the whole SAML Request message (envelope)
    sp ->> u: redirect to IdP with {SAML Request}
```

## IdP to SP flows (SP initiated)

```mermaid
%%{
  init: {
    "sequence": {
       "noteAlign": "left"
    }
  }
}%%

sequenceDiagram
    autonumber
    participant u as User Agent
    participant idp as IdP
    participant sp as WorkOS

    u ->> idp: present {SAML AuthN Request}
    idp --> u: authenticate the user
    idp -->> idp: create SAML AuthN Response
    idp ->> u: redirect with {SAML Response} to WorkOS
    u -->> sp:
```