WAS v8.5 > Secure applications > Secure web services > Secure web services > Web Services Security concepts
Security Assertion Markup Language (SAML)
SAML is an XML-based standard for exchanging user identity and security attributes.
In a typical SAML usage scenario, we authenticate to a security domain and request an identity provider (IdP) to issue SAML assertions.
The SAML assertions are presented to a security provider when we request access to business resources. In many cases, the services provider and identity provider are in different security domains, meaning that we must authenticate to an identity provider user directory. Multiple security domain support allows a service provider to assert user identity and security attributes to a local security domain, based on trust relationship without requiring identity mapping.
- SAML token
- SAML assertions
- SAML default policy sets and bindings
- SAML APIs
- SAML usage scenarios
- SAML limitations