mermaid for OAuth SAML Bearer Assertion Flow

gregorwolf · Mar 6, 2024 · 345eb3a · 345eb3a
1 parent 457fb25
commit 345eb3a
Showing 1 changed file with 31 additions and 0 deletions.
diff --git a/test/entra-id-saml-bearer.md b/test/entra-id-saml-bearer.md
@@ -0,0 +1,31 @@
+# OAuth SAML Bearer Assertion Flow
+
+::: mermaid
+sequenceDiagram
+%% participants
+participant User as User
+participant WebApp as Web Application
+participant IdP as Identity Provider
+participant XSUAA as SAP BTP Authentication
+participant BTPApp as SAP BTP Application
+%% arrows
+loop Setup
+WebApp-->>IdP: Trust Configuration
+IdP-->>XSUAA: Trust Configuration
+end
+User->>WebApp: Open App
+WebApp->>IdP: Requests User Authentication
+IdP->>User: Ask User for credentials and other factors
+User->>IdP: Provides credentials and other factors
+IdP->>WebApp: Provides JWT
+WebApp->>User: Session Cookie
+User->>WebApp: Request to SAP
+WebApp->>IdP: Requests SAML Assertion with JWT
+IdP->>WebApp: Provides SAML Assertion
+WebApp->>XSUAA: Requests BTP JWT with SAML Assertion
+XSUAA->>XSUAA: Validates SAML Assertion
+XSUAA->>WebApp: Provides BTS JWT
+WebApp->>BTPApp: Sends request with BTS JWT as Authorization Header
+BTPApp->>WebApp: Response with Application data
+WebApp->>User: Forward Application Data
+:::