The Security Assertion Markup Language (SAML) is a security protocol that is based on XML. SAML allows the exchange of security assertions about a subject, such as a person or a computer, that is requesting access to a secure domain. Assertions include whether the subject can access certain resources, and whether an external data source, such as a policy store, is used.
A typical use of SAML-based authentication is in a federated environment, such as cloud-based services that require an extra layer of security in the corporate network. But any SAML implementation involves at least three component roles: