SAML2.0 Assertions vs. SAML2.0 Messages

Question

I need a clarification about the terminology used in SAML2.0. I want to know if by "assertions" we mean a particular subcategory of SAML2.0 messages or if we mean ALL SAML2.0 messages.

Hans Z. · Accepted Answer

A SAML Assertion is an XML document that represents a set of claims (i.e. name/value pairs) about a user asserted by an Identity Provider. A SAML Assertion is not a SAML message itself, but it is contained in a SAML Response message. Apart from that there are other SAML messages such as SAML Requests, Logout Requests and Logout Responses that don't contain Assertions.

SAML2.0 Assertions vs. SAML2.0 Messages

Answers (1)

Related Questions