SAML (Security Assertion Markup Language)
An XML-based standard for exchanging authentication and authorization data between identity providers and service providers.
What is SAML?
Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorization data between parties. It enables Single Sign-On (SSO) by allowing an identity provider to authenticate the user and pass the result to service providers as assertions.
SAML Components
- Identity Provider (IdP): Authenticates users and issues assertions
- Service Provider (SP): Relies on IdP for authentication
- User Agent: Browser through which user accesses services
- Assertions: XML documents containing authentication data
How SAML Works
- User accesses service provider application
- SP generates SAML request, redirects to IdP
- IdP authenticates user (if not already authenticated)
- IdP generates SAML response with assertions
- Response sent to SP via user's browser
- SP validates assertion and grants access
SAML Assertions
- Authentication: Proves that the user's identity was verified
- Attribute: Contains user attributes (name, email, roles)
- Authorization: Specifies what user can access
SAML Benefits
- Established enterprise standard
- Reduces password fatigue
- Centralized authentication management
- Supports complex enterprise scenarios
- Strong security with digital signatures