Instituto Superior Técnico

Serviços de Informática

SAML Authentication

SAML is an open authentication and authorization standard that operates between two entities:

  • an identity provider, which holds the information about the user (referred to as the principal);
  • a service provider, which requests the principal’s identity from that identity provider.

This standard exists and is used because of the need to communicate assertions about the identity of a user, or between systems that use different and/or proprietary authentication technologies. The CAS unified authentication system solves this problem only internally, for the IST community. SAML, however, works in a broader universe, or federation. Because the service provider does not store the data needed to authenticate the individual, it sends a request to an identity provider, which in turn, if it is unable to assert the identity, hands the request over to another identity provider within the same federation.