Security Assertion Markup Language (SAML) is an XML-based framework used to authorize, authenticate and communicate attributes and privileges of a user. It provides numerous benefits to enterprises, organizations and governments. However, SAML has been widely adopted for three primary reasons: SAML is standardized, secure, and provides an excellent user experience.
1. Standardized
The SAML standardized format is designed to interoperate with any system independent of implementation. This enables a more open approach to architecture and identity federation without the interoperability issues associated with vendor-specific approaches.
[promobox]
White Paper: Introduction to SAML
Learn how SAML is used by enterprise organizations for SSO
[/promobox]
2. Security
In the modern era of computing, security is of the utmost importance when it comes to enterprise applications. SAML is used to provide a single point of authentication at a secure identity provider, meaning that user credentials never leave the firewall boundary, and then SAML is used to assert the identity to others. This means that applications do not need to store or synchronize identities, which in turn ensures that there are fewer places for identities to be breached or stolen. SAML also provides a strong layer of security by leveraging Public Key Infrastructure (PKI) to protect the asserted identities against attempted attacks.
3. User Experience
Arguably, one of SAML’s greatest benefits is the user experience it provides. SAML provides the ability for users to securely access multiple applications with a single set of credentials entered once. This is the foundation of federation and also of single sign-on (SSO). Using SAML, users can seamlessly access multiple applications, allowing them to conduct business faster and more efficiently.
SAML uses assertions to enable an Identity Provider to securely communicate attributes and privileges of a user to a Service Provider. Assertions carry detailed information about the user, including: what application rights they have, if they are allowed to access multiple applications, how long they may access the application and much more. To learn more about SAML assertions and how they work, download the Introduction to SAML white paper.