What is SAML and why does it matter for cyber security
Ali Sayyed

The definition of SAML

SAML is an XML-based standard for sharing authentication and authorisation data between parties, often an identity provider (IdP) and a service provider (SP). SAML facilitates Single Sign-On (SSO) across many applications or systems by allowing a user to authenticate with one application and then access other apps without having to re-enter their login credentials.

SAML operates by issuing assertions to the SP, which are statements regarding the identity of a person or a group of users, as well as their entitlements. The claims are digitally signed to assure their integrity and validity, and they may be used to provide access to protected resources by the SP.

Several Identity and Access Management (IAM) systems support SAML, which is commonly used in business contexts. It is also a standard protocol for federated identity management, allowing companies to safely communicate identity information across security domains.

How does SAML support organizations in increasing cyber security?

SAML is a common standard for federated identity management implementation. Federated identity management allows users to utilize a single set of credentials to authenticate to numerous applications or systems. This is accomplished by utilizing a trusted third party, the identity provider (IdP), who handles the authentication and authorisation procedure.

When a user attempts to access a protected resource in an application or system, the application or system sends an authentication request to the IdP. The IdP verifies the user's identification and generates an assertion including information about the user's identity and entitlements. The IdP digitally signs the statement to verify its integrity and validity. The assertion is subsequently sent by the IdP to the application or system, which might utilize it to get access to the protected resource.

Organizations that utilize SAML for federated identity management may give their users with a unified Single Sign-On (SSO) experience across numerous apps or systems. Users must only authenticate once with the IdP before they may access other apps or systems without providing login credentials again. This increases user productivity while decreasing the likelihood of password fatigue and user mistakes.

Several Identity and Access Management (IAM) systems support SAML, which is extensively used by corporate companies. It enables companies to communicate identity information across various security domains while keeping control over access to their resources by providing a standardized and safe method for sending authentication and authorization data between parties.

What is the difference between OIDC vs SAML

Both OIDC (OpenID Connect) and SAML (Security Assertion Markup Language) are federated identity management and Single Sign-On protocols (SSO). There are, however, some significant discrepancies between OIDC vs SAML protocols

1. OIDC is an extension of the OAuth 2.0 protocol, which is mostly used for access delegation, whereas SAML is a separate protocol that concentrates on transmitting authentication and authorization data between parties.

2. User Experience: OIDC delivers a better user experience than SAML for online and mobile apps. By redirection and the usage of the browser-based authentication flow, OIDC enables seamless SSO, whereas SAML requires a separate SSO site or plugin to commence SSO.

3. Token Format: For transferring identity information, OIDC employs JSON Web Tokens (JWTs), whereas SAML uses XML-based assertions.

4. Security: Since it supports more current security features like token binding and dynamic client registration, OIDC is usually thought to be more secure than SAML.

In summary, both OIDC and SAML are standards used for federated identity management and SSO; however, OIDC is better suited for modern web and mobile applications and provides more advanced security features, whereas SAML is more widely adopted and frequently used for integrating with legacy systems.