Federation Protocols Lab

SAML | OAuth 2.0 | OpenID Connect | SCIM

Overview

This lab provides hands-on experience with identity federation standards. You will explore SAML, OAuth 2.0, OpenID Connect (OIDC), and SCIM through federation scenarios. The walkthroughs simulate real-world tasks IAM engineers encounter when connecting directories, identity providers, and SaaS applications.

What This Covers

๐Ÿค IdP & SP Trust Relationships

Establish secure trust between Identity Providers and Service Providers.

Authentication Flows

Implement and analyze authentication using SAML and OpenID Connect (OIDC).

Authorization Delegation

Enable secure API and resource access with OAuth 2.0 delegation.

โš™๏ธ Automated Provisioning

Use SCIM for seamless user provisioning and deprovisioning across platforms.

Tokens, Assertions & Claims

Capture, validate, and troubleshoot tokens, assertions, and claims in flows.

๐Ÿ“ Lab Sections

SAML Essentials

Explore IdP vs. SP roles, exchange metadata, and capture a SAML assertion during login.

OAuth 2.0 & OIDC

Run OAuth flows, extend them with OIDC, request ID tokens, and decode JWT claims.

SCIM Provisioning

Automate account provisioning/deprovisioning using SCIM APIs and attribute mappings.

Tools Used

SAML-tracer browser extension (capture SAML assertions)
Postman (OAuth, OIDC, and SCIM API calls)
JWT.io (decode and analyze JWTs)
Demo identity platforms (Okta dev tenant, Microsoft Entra ID, samltest.id)

Related Labs

Okta IAM Lab – Implements SAML, OIDC, and SCIM with a cloud IdP
Microsoft Entra ID Lab – Cloud identity provisioning, hybrid sync, and Conditional Access
Active Directory Lab – On-premises identity foundation with domains, OUs, and protocols