Security Assertion Markup Language (SAML) is an XML standard for exchanging authentication and authorization data between security domains. SAML is a product of the OASIS (organization) Security Services Technical Committee.
SAML 1.1 was ratified as an OASIS standard in September 2003. The critical aspects of SAML 1.1 are covered in detail in the official documents SAMLCore[1] and SAMLBind.[2] If you are new to SAML, you should probably read the introductory SAML topic first, and then the SAMLOverview[3] document from OASIS.
Prior to SAML 1.1, SAML 1.0 was adopted as an OASIS standard in November 2002. SAML has undergone one minor (V1.1) and one major revision (V2.0) since V1.0, which itself is a relatively simple protocol. SAML 1.0 is of more than historical interest, however, since the US Federal E-Authentication Initiative has adopted SAML 1.0 as its core technology.
Versions 1.0 and 1.1 of SAML are similar. See SAMLDiff[4] for specific differences between the two standards. This article concentrates on SAML 1.1 since it is an important standard upon which many other standards and implementations depend.
Warning: Implementers and deployers should note well that all code examples in this article are non-normative and for illustration purposes only. Consult the OASIS SAML specifications for normative requirements.
SAMLCore was invoked but never defined (see the help page).SAMLBind was invoked but never defined (see the help page).SAMLOverview was invoked but never defined (see the help page).SAMLDiff was invoked but never defined (see the help page).