SAML 2.0 is an XML-based protocol that passes session information between parties in the form of security tokens. These tokens carry the authentication and authorization information of the principal across the web servers involved. Cross-domain single sign-on is possible with an XML protocol such as SAML, which involves an identity provider (the SAML authority) and a service web server (the SAML consumer) that receives the security tokens from the SAML implementation. With this mechanism, principal credential information no longer has to be maintained in many places, which in turn makes the security ecosystem more robust.
The critical aspects of SAML 2.0 are SAML conformance, the SAML core module, SAML binding definitions, and SAML profile information. Let's take a quick look at these critical aspects: