EXPLANATION
Security Assertion Markup Language (SAML, pronounced SAM-el[1]) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). SAML is also:
- A set of XML-based protocol messages
- A set of protocol message bindings
- A set of profiles (utilizing all of the above)
The single most important use case that SAML addresses is web browser single sign-on (SSO). Single sign-on is relatively easy to accomplish within a security domain (using cookies, for example) but extending SSO across security domains is more difficult and resulted in the proliferation of non-interoperable proprietary technologies. The SAML Web Browser SSO profile was specified and standardized to promote interoperability.[2] (For comparison, the more recent OpenID Connect protocol[3] is an alternative approach to web browser SSO.)