SAML-2-0
XML enterprise SSO predating OAuth/OIDC.
Definition
SAML 2.0 uses signed XML Assertions (Authentication, Attribute, Authorization Decision), Protocols (AuthnRequest, ResponseRequest), Bindings (HTTP POST, HTTP Redirect, SOAP). Identity Provider (IdP) ↔ Service Provider (SP). Coupled with WS-Federation for Microsoft AD.
Origin
SAML 1.0 published by OASIS November 2002 ; SAML 2.0 on 15 March 2005.
Example in context
A Sanofi employee logs into Salesforce via SAML SSO operated by their Azure AD IdP.
Related terms
- OIDC — modern successor.