Security Assertion Markup Language (SAML) is a way to securely pass authorization credentials so that a user can access SaaS applications.
Terms related to Security Assertion Markup Language: Cybersecurity, SaaS, Authentication, Authorization, Single Sign On, SSO
SAML is designed to securely authenticate users when they attempt to access certain systems and software. SAML is primarily used in the “Software as a Service” (SaaS) industry. SaaS typically provides online software that users sign into to perform certain tasks — Slack, Google Docs, Hubspot, Trello, and similar apps are good examples of SaaS.
SAML helps to deal with a major issue for corporate cybersecurity — the ability to sign on to SaaS from anywhere, with any device. Traditional software can demand that a user already has an authenticated presence on the corporate network before allowing access to sensitive systems, but SaaS platforms may not provide similar controls.
SAML uses authentication techniques to ensure only authorized users can access specific SaaS platforms and information. It can also act as a single sign on for SaaS platforms — users may only need to authorize themselves once, then SAML could give them access to other SaaS applications.
A user would normally sign into their corporate single sign-on system and authenticate themselves. Once the user is authorized, specialist software uses SAML to send a special, tokenized, digitally signed, XML document to an SaaS provider to grant access to the application.
Combining SAML with robust multifactor authentication can provide greater security for SaaS application access, wherever and however employees are accessing data and systems.