Security Assertion Markup Language (SAML) 2.0
SAML is the foundation for much of the current identity federation activity. SAML 2.0 is preceded by SAML 1.0 and 1.1. SAML 1.1 was released in 2003 and had just two scenarios (also known as profiles), and both were IdP-initiated. Shibboleth 1.3 and Liberty Alliance—WS-FF 1.2 extended SAML 1.1, and SAML 2.0 was released by OASIS in 2005.
The following table shows the SAML core principles:
Assertions | Protocols | Bindings |
Package of identityinformation | Request/response based | Associates a message (protocol) with transport (communication mechanism) |
Synonym token | Defines the messaging requirements | Examples:
|
XML-based | Examples:
|
In the next section, we will talk about the key facts of the SAML 2.0 protocol.
Key facts about SAML
The SAML standard provides accurate messages for the transfer of requests and assertions (claims). SAML offers several options for the transfer of information...