SAML 1.1

SAML 1.1

Security Assertion Markup Language (SAML) is an XML standard for exchanging authentication and authorization data between security domains. SAML is a product of the OASIS (organization) Security Services Technical Committee.

SAML 1.1 was ratified as an OASIS standard in September 2003. The critical aspects of SAML 1.1 are covered in detail in the official documents #SAMLCore and #SAMLBind. If you are new to SAML, you should probably read the introductory SAML topic first, and then the #SAMLOverview document from OASIS.

Prior to SAML 1.1, SAML 1.0 was adopted as an OASIS standard in November 2002. SAML has undergone one minor (V1.1) and one major revision (V2.0) since V1.0, which itself is a relatively simple protocol. SAML 1.0 is of more than historical interest, however, since the US Federal E-Authentication Initiative has adopted SAML 1.0 as its core technology.

Fortunately, versions 1.0 and 1.1 of SAML are similar. See #SAMLDiff for specific differences between the two standards. This article concentrates on SAML 1.1 since it is an important standard upon which many other standards and implementations depend.