SAML is being applied in a number of different ways, one of which is Attribute-based authorization.
SAML is defined in terms of assertions, protocols, bindings, and profiles.
An assertion is a package of information that supplies one or
more statements made by a SAML authority. SAML defines three different
kinds of assertion statement that can be created by a SAML authority: