SAML stands for Security Assertion Markup language.
Generally, users need to enter a username and password to login in any application.
SAML is a technique of achieving Single Sign-On (SSO).
Security Assertion Markup Language (SAML) is an Xml-based framework that allows the identity providers to provide the authorization credentials to the service provider.
With SAML, you need to enter one security attribute to log in to the application
SAML is a link between the authentication of the user's identity and authorization to use a service.
SAML provides a service known as Single Sign-On means that users have to log in once and can use the same credentials to log in to another service provider.
With SAML, both the service provider and identity provider exist separately, but centralizes the user management and provides access to the SaaS solutions.
SAML authentication is mainly used for verifying the user's credentials from the identity provider.
Advantages of SAML:
SAML SSO (SINGLE SIGN-ON): SAML provides security by eliminating passwords for an app and replacing them with the security tokens. Since we do not require any passwords for SAML logins, there is no risk of credentials to be stolen by unauthorized users. It provides faster, easier and trusted access to cloud applications.
Open Standard SINGLE SIGN-ON: SAML implementations confirms to the open standard. Therefore, it is not restricted to a single identity provider. This open standard allows you to choose the SAML provider.
Strong Security: SAML uses federated identities and secure tokens to make SAML one of the best secure forms for web-based authentication.
Improved online experience for end users: SAML provides SINGLE SIGN-ON (SSO) to authenticate at an identity provider, and the identity provider sends the authentication to the service provider without additional credentials.
Reduced administrative costs for service providers: Using single authentication multiple times for multiple services can reduce the administrative costs for maintaining the account information.
Risk transference: SAML has put the responsibility of handling the identities to the identity provider.