SAML

This is the SAML home page for the InCommon Federation.

What is SAML?

Security Assertion Markup Language (SAML) is an XML-based markup language accompanied by various protocols, bindings, and profiles. Far and away the most important profile (which builds on the other SAML components) is SAML Web Browser SSO, a secure single sign-on solution for cross-domain deployment scenarios. See the Resource section at the end of this document for pointers to reference material and documentation.

Supported Profiles

InCommon recommends that SPs and IdPs support the following protocols and profiles:

Strongly Recommended:

SAML V2.0 Web Browser SSO

Recommended:

SAML V2.0 Identity Provider Discovery Protocol
SAML V2.0 Enhanced Client or Proxy (ECP)

Optional:

SAML V2.0 Single Logout
SAML V1.1 Web Browser SSO

See the Endpoints in Metadata wiki page for details regarding SAML profiles, bindings, and protocols in metadata, and the Recommended Practices wiki page for further guidance and recommendations.

Migration to SAML V2.0

InCommon strongly recommends that all entities (IdPs and SPs) support SAML V2.0 Web Browser SSO. The benefits of SAML V2.0 are significant, to both individual participants and the Federation as a whole; see What's New in SAML 2? for more information.

Currently there are a few dozen IdPs in the InCommon Federation that do not support SAML V2.0. Consequently, SPs can not safely ignore legacy SAML V1.1 protocols, which tends to favor the latter over SAML V2.0. As a community, we are caught in a chicken-and-egg situation that can be traced back to those legacy IdPs. If most of those IdPs were to add SAML V2.0 to their portfolio, the dynamics would immediately change, for the benefit of all Federation participants.

Resource

What's New in SAML 2?
SP Support for SAML V2.0
- SP Testing for SAML V2.0
SAML V2.0 Frequently Asked Questions
InCommon Federation Software Guidelines for SAML V2.0
InCommon Use of SAML V1.1 and V2.0: A Statistical Summary (last updated 2012-05-29)

Wikipedia resources:

OASIS SAML Technical Committee

For historical data on the use of SAML V1.1 and SAML V2.0 in the InCommon Federation, see the CSV files attached to this wiki page.

	File	Modified
	File entity-count-2012-05-29.csv	Apr 03, 2020 by Albert Wu (internet2.edu)
	Labels No labels Preview
	File entity-count-2012-10-28.csv	Apr 03, 2020 by Albert Wu (internet2.edu)
	Labels No labels Preview
	File entity-count-2012-11-08.csv	Apr 03, 2020 by Albert Wu (internet2.edu)
	Labels No labels Preview
	File entity-count-2013-01-08.csv	Apr 03, 2020 by Albert Wu (internet2.edu)
	Labels No labels Preview
	File entity-count-2013-04-12.csv	Apr 03, 2020 by Albert Wu (internet2.edu)
	Labels No labels Preview

Download All

Page tree