What is Security Assertion Markup Language SAML?

Understanding Security Assertion Markup Language SAML

A version of the SAML standard for exchanging authentication and authorization data between security domains. SAML 2.0 is an XML-based framework for communicating user authentication entitlement and attribute information between systems particularly for web-based single sign-on. It enables users to authenticate once with an identity provider and then access multiple service providers without re-authenticating. SAML 2.0 is defined by the OASIS standard and referenced in identity frameworks like NIST SP 800-63. Organizations implement SAML through identity providers service providers federation relationships metadata exchange and attribute management. For example a university might implement SAML 2.0 to enable single sign-on across various campus services allowing students and faculty to authenticate once to the universitys identity provider and then seamlessly access the learning management system library resources and research databases provided by different vendors with relevant attributes like department and role securely transferred to each service. Related terms Single Sign-On SSO Federation Identity Provider IdP Service Provider SP XML Authentication assertion Identity and access management Federated identity.