What is SAML?

SAML (Security Assertion Markup Language) is a security standard that allows the exchange of authentication and authorization information between different parties, in particular between an identity provider (IdP) and a service provider (SP). SAML uses an XML format to encode and transmit security information.

With SAML, when a user wants to access a SAML-protected service, they are redirected to the identity provider for authentication. If authentication is successful, the identity provider issues a SAML assertion that describes the user and their permissions. This assertion is sent to the service provider, which can then grant or deny access based on the information in the assertion.

SAML facilitates SSO (Single Sign-On) by allowing a user to authenticate once to access multiple SAML-protected services without having to re-enter their credentials. It is widely used in corporate environments for web SSO.

The three main players in the SAML protocol

  1. The user: who requests access to a protected service.
  2. The Identity Provider (IdP): which handles user authentication and issues SAML assertions describing the user and their permissions.
  3. The Service Provider (SP): which protects the service and uses SAML assertions to allow or deny user access.


Benefits of SAML

  1. SSO (Single Sign-On): SAML allows a user to authenticate once to access multiple protected services without having to re-enter their credentials.
  2. Interoperability: SAML is an open and widely adopted standard, allowing interoperability between different implementations and technologies.
  3. Security: SAML provides a high level of security by using encryption algorithms to protect SAML assertions.
  4. Flexibility: SAML can be configured to fit the needs of different authentication and authorization scenarios.
  5. Centralization: SAML enables centralization of authentication in a single identity provider, which can simplify identity and authorization management.
  6. It is a secure protocol, simple to implement.

A complete SAML offer with Evidian Web Access Manager and IDaaS

The Evidian Web Access Manager and IDaaS solutions are complete offers that can be configured as IdP and/or as SP.

Evidian solutions improve user satisfaction by eliminating password fatigue and enabling users to access all of their applications consistently, using a single set of credentials or offering multi-factor authentication (MFA).

Evidian solutions come with a set of application templates supporting the SAML protocol (Google workplace, Salesforce, etc.) which makes integrating these applications simple and fast with the IdP.
