An assertion is nothing but a collection or package of information that is bundled and distributed by the SAML authority to the SAML consumers. SAML 2.0 comes with three types of assertion statements called authentication, attribute, and authorization decision:
Authentication assertion is the user that has proven his or her identity
Attribute assertion carries specific information about the principal that will help the system to understand the limits or parameters of the users
Authorization decision assertion has the authorization details such as resource access and role access
A SAML assertion XML file may have child elements, as shown in the following screenshot:
saml:Issuer
element: This is the unique identifier of the Identity providersaml:Subject
element: This identifies the authenticated principalsaml:AuthnStatement
element: This is the authentication level of the Identity provider