IT:AD:WS-Federation

Summary

Regarding the use of SAML in WS-Federation

IMPORTANT: There can be some confusion because WS-Federation uses only part of the SAML specification: specifically, just (?) the XML language part, and not the protocol.

For example, it uses the XML-based Security Token format, which carries assertions (Claims) in a secure manner: the issuing STS digitally signs the token and usually encrypts it for the RP.

Since it is XML-based, SAML is extensible, which makes it a very flexible standard. Two federation partners can choose to share whatever identity attributes they want in a SAML assertion (message) payload as long as those attributes can be represented in XML. This flexibility has even led to pieces of the SAML standard, such as the SAML assertion format, being incorporated into other standards such as WS-Federation.
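The following Python example is added here and is not from the original page. It shows the same SAML attribute claims arriving in two different envelopes: a WS-Trust RequestSecurityTokenResponse, as WS-Federation carries it in `wresult`, and a SAML protocol Response. The sample messages are constructed, trimmed and unsigned, and the function names `qname` and `describe` are hypothetical.

```python
import xml.etree.ElementTree as ET

# Namespace URIs from the WS-Trust and SAML specifications.
WS_TRUST = {"http://schemas.xmlsoap.org/ws/2005/02/trust",
            "http://docs.oasis-open.org/ws-sx/ws-trust/200512"}
SAML_ASSERTION = {"urn:oasis:names:tc:SAML:1.0:assertion",
                  "urn:oasis:names:tc:SAML:2.0:assertion"}
SAML_PROTOCOL = {"urn:oasis:names:tc:SAML:1.0:protocol",
                 "urn:oasis:names:tc:SAML:2.0:protocol"}

# Constructed, trimmed, unsigned samples (not captured from a real STS).
WSFED_WRESULT = """<t:RequestSecurityTokenResponse
  xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust"><t:RequestedSecurityToken>
 <s:Assertion xmlns:s="urn:oasis:names:tc:SAML:1.0:assertion"><s:AttributeStatement>
  <s:Attribute AttributeName="emailaddress">
   <s:AttributeValue>alice@example.test</s:AttributeValue>
  </s:Attribute>
 </s:AttributeStatement></s:Assertion>
</t:RequestedSecurityToken></t:RequestSecurityTokenResponse>"""
SAMLP_RESPONSE = """<p:Response xmlns:p="urn:oasis:names:tc:SAML:2.0:protocol">
 <a:Assertion xmlns:a="urn:oasis:names:tc:SAML:2.0:assertion">
  <a:AttributeStatement><a:Attribute Name="emailaddress">
   <a:AttributeValue>alice@example.test</a:AttributeValue>
  </a:Attribute></a:AttributeStatement>
 </a:Assertion>
</p:Response>"""

def qname(elem):
    """Split '{namespace}local' into (namespace, local)."""
    ns, _, local = elem.tag.rpartition("}")
    return ns.lstrip("{"), local

def describe(xml_text):
    """Name the envelope protocol and list claims from the SAML assertion.
    Parsing only: an RP must verify the issuer's signature before trusting claims."""
    root = ET.fromstring(xml_text)
    ns, local = qname(root)
    envelope = "unknown"
    if ns in WS_TRUST and local.startswith("RequestSecurityTokenResponse"):
        envelope = "ws-trust"        # what WS-Federation carries in wresult
    elif ns in SAML_PROTOCOL and local == "Response":
        envelope = "saml-protocol"   # SAML's own protocol message
    claims = {}
    for elem in root.iter():
        ens, elocal = qname(elem)
        if ens in SAML_ASSERTION and elocal == "Attribute":
            name = elem.get("Name") or elem.get("AttributeName")  # SAML 2.0 / 1.1
            claims[name] = [v.text for v in elem if qname(v)[1] == "AttributeValue"]
    return {"envelope": envelope, "claims": claims}
```

Both samples yield the same claim set; only the `envelope` value differs, which is the distinction between the SAML token format and the SAML protocol.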

>*"The company previously supported the SAML token, but never the transport profiles of the protocol"*.

Resources