The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.
SAML Specifications
SAML V2.0
SAML version 2.0 was approved as an OASIS Standard in March 2005. The complete SAML 2.0 OASIS Standard set (PDF format) and schema files are available in this zip file.
Approved Errata for SAML V2.0 was last produced by the SSTC on 1 May 2012. In addition to the normative errata document, the following non-normative "errata composite" documents have been provided that combine the prescribed corrections with the original specification text, illustrating the changes with margin change bars, struck-through original text, and highlighted new text.
The original approved specification set (without errata markup) consists of:
- Assertions and Protocols (also known as "Core")
- Bindings
- Profiles
- Metadata
- Authentication Context
- Schemas: main schema, common schema types, IP, IP password, Kerberos, mobile one-factor contract, mobile one-factor unregistered, mobile two-factor contract, mobile two-factor unregistered, nomadic telephony, personal telephony, PGP, password-protected transport, password, previous session, smartcard, smartcard PKI, software PKI, SPKI, secure remote password, SSL certificate, telephony, authenticated telephony, time sync token, X.509, XML Signature
- Conformance Requirements
- Security and Privacy Considerations
- Glossary (also available in HTML)
SAML V1.1
SAML V1.1 was approved as an OASIS Standard in August 2003. The complete SAML V1.1 OASIS Standard set (PDF format) and schema files are available in a ZIP file.
The approved specification set consists of:
- Assertions and Protocol (oasis-sstc-saml-core-1.1)
- Bindings and Profiles (oasis-sstc-saml-bindings-1.1)
- Conformance Program Specification (oasis-sstc-saml-conform-1.1)
- Glossary (oasis-sstc-saml-glossary-1.1)
The XML schema files for SAML 1.1 are:
- Assertion Schema (oasis-sstc-saml-schema-assertion-1.1.xsd)
- Protocol Schema (oasis-sstc-saml-schema-protocol-1.1.xsd)
Additional documents related to the version 1.1 specifications are:
- Errata (sstc-saml-errata-11-draft-16)
- Security and Privacy Considerations (oasis-sstc-saml-sec-consider-1.1)
- Version 1.1 Issues (sstc-saml-issues-1.1-draft-01)
- Differences from v1.0 (sstc-saml-diff-1.1-draft-01)
SAML V1.0
SAML V1.0 was approved as an OASIS Standard in November 2002. The SAML V1.0 OASIS Standard is available as ZIP file and as the following separate files:
- Use Cases and Requirements (draft-saml-reqs-01.pdf)
- Domain Model (draft-sstc-use-domain-05.pdf)
IRTF AAA Architecture group RFCs:
- RFC 2903: Generic AAA Architecture
- RFC 2904: AAA Authorization Framework
- RFC 2905: AAA Authorization Application Examples
- RFC 2906: AAA Authorization Requirements
- Login to post comments
- 590375 reads