SAML: The Language You Don't Know You're Speaking

SAML: The Language You Don't Know You're Speaking
Security Assertion Markup Language, a protocol most people use daily to log into applications, makes authentication easier for both admins and users. Here's what you need to know about SAML (and what it has to do with 'GoldenSAML').

Security Assertion Markup Language (SAML): You may have heard of it. You've likely used it at least once today to log into a website portal or enterprise application. But what is SAML? How does it work? And why do you need to know about it?




(Source: Mykyta via Adobe Stock)



What Is SAML?SAML is an XML-based standard used to authenticate into Web applications like Box, Microsoft 365, Salesforce, and Gmail for Business. The protocol handles federation, identity management, and single sign-on (SSO). Identity federation enables user identities to be stored across apps and businesses; with SAML, these apps and businesses can trust each other's users.


What Problem Does It Solve?Most apps have a database or Lightweight Directory Access Protocol (LDAP) to hold users' profile data and credentials, along with any additional data needed to verify a user. When someone signs in, this data store validates the credentials and logs them in. However, when a person has to log into multiple apps and each requires different credentials, it becomes an issue – for users who have to remember all their credentials, and for the admins who maintain and revoke them. Enter SAML.


SAML streamlines the authentication process for signing into SAML-supported websites and applications, and it's the most popular underlying protocol for Web-based SSO. An organization, or service provider (SP), has one login page and can configure any Web app supporting SAML so its users only have to authenticate on ..

Support the originator by clicking the read the rest link below.