SAML
SAML is a standard for single sign-on (SSO) that exchanges authentication and authorization data between an identity provider (IdP) and a service provider (SP).
Updated: 2026-03-05
Definition
SAML (Security Assertion Markup Language) is commonly used for enterprise SSO.
An Identity Provider (IdP) sends a signed assertion to a Service Provider (SP) to authenticate the user.
Key points
- Enterprise SSO standard
- Uses signed assertions
- Often used for browser-based SSO
Common mistakes
- Misconfiguring certificates or clock skew, which causes login failures.
- Not validating assertion signatures properly.