When an unauthenticated user tries to reach a hosted service, such as Gmail, Google will send a SAML request to the partner, which acts as the identity provider in the SAML transaction. In this step, you can click the Generate SAML Request button, prompting Google to create the SAML request. The request contains four variables:
AUTHN_ID - A 160-bit string containing a string of randomly generated characters.
ISSUE_INSTANT - A timestamp indicating the date and time that Google generated the request.
PROVIDER_NAME - A string identifying the service provider's domain (google.com).
ACS_URL - The URL that the service provider uses to verify a SAML response. This demo uses the following URL:
https://www.google.com/a/psosamldemo.net/acs
Step 3: Submitting the SAML Request
You can now review the generated SAML request before submitting it to the identity provider.