Glossary

SECURITY ASSERTION MARKUP LANGUAGE / SAML
defined.

An XML-based standard for exchanging authentication and authorization data between an identity provider and a service provider.

A–Z

What is Security Assertion Markup Language (SAML)?

SAML 2.0 remains common in enterprise SSO (Okta, ADFS, Ping). Security risks are XML-specific: signature wrapping attacks, XXE on the parser, replay attacks, and weak certificate validation.

Related terms.

OAuth 2.0
OpenID Connect (OIDC)
JSON Web Token (JWT)
XML External Entity (XXE)

Where this shows up.

See our web application penetration testing, API security testing, network penetration testing, and cloud security audit services for how we test for and defend against this class of issue.

Test for this in your stack

BOOK A FREE
scoping call.

30-minute call with an OSCP-certified engineer. Tailored proposal in 24 hours.

Book Free Scoping Call →All Services

SECURITY ASSERTION MARKUP LANGUAGE / SAMLdefined.

What is Security Assertion Markup Language (SAML)?

Related terms.

Where this shows up.

BOOK A FREEscoping call.

SECURITY ASSERTION MARKUP LANGUAGE / SAML
defined.

BOOK A FREE
scoping call.