# SAML 2.0

Security Assertion Markup Language (SAML) is an XML-based standard for exchanging authentication and authorisation data between security domains. This is normally between an identity provider like Signicat and a service provider (the customer). SAML is a product of the OASIS Security Services Technical Committee.

SAML assumes that the end-user has enrolled with at least one identity provider. This identity provider is expected to provide local authentication services to the end-user. However, SAML does not specify the implementation of these local services; indeed, SAML does not care how local authentication services are implemented.

SAML has been a de facto standard protocol for identity management and is now supported by most of the biggest actors in the computer industry. For detailed information about SAML 2.0, relevant technical terms and access to several white papers, visit this page on the OASIS website.

Signicat supports the SAML 2.0 standard fully, via a gateway commonly referred to as the 'SAML gateway' or 'SAML2 gateway'. If you are using an identity federation service such as Microsoft AD FS or Oracle Identity Federation, then you are most likely interested in Signicat's SAML2 gateway.

# Authentication using SAML 2.0

Signicat's SAML2 gateway provides a solution for end-user authentication over the SAML2 protocol between two parties: a service provider (SP) and Signicat as the identity provider (IdP). The SAML2 gateway is integrated with Signicat's eID hub, which means that you can perform authentications over the SAML2 protocol with all ID methods supported by Signicat.

Setting up a SAML 2.0 authentication service between an SP and an IdP requires no programming and no third-party client kits, only configuration.
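The exchange described above ends with the IdP returning a signed SAML Response to the SP. The following is an added example, not Signicat's code or part of this page: the assertion-level checks an SP is responsible for once the XML signature has been verified. The endpoint values, timestamps and subject in the sample are constructed placeholders, and signature verification is assumed to be done separately by an XML-DSig library.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "samlp": "urn:oasis:names:tc:SAML:2.0:protocol"}

# Constructed sample response from an IdP to an SP; the issuer, audience and
# subject values are placeholders, not real Signicat or customer endpoints.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0"
  IssueInstant="2024-02-26T08:00:00Z">
  <saml:Issuer>https://idp.example.test/saml2</saml:Issuer>
  <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
  <saml:Assertion ID="_a1" Version="2.0" IssueInstant="2024-02-26T08:00:00Z">
    <saml:Issuer>https://idp.example.test/saml2</saml:Issuer>
    <saml:Subject><saml:NameID>user@example.test</saml:NameID></saml:Subject>
    <saml:Conditions NotBefore="2024-02-26T07:59:00Z" NotOnOrAfter="2024-02-26T08:05:00Z">
      <saml:AudienceRestriction><saml:Audience>https://sp.example.test/metadata</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""

def parse_saml_time(value):
    # SAML timestamps are xs:dateTime in UTC with a trailing "Z".
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def validate_assertion(xml_text, expected_issuer, expected_audience, now):
    """Return (ok, reason, name_id). Assumes the XML signature was already verified;
    this enforces only the assertion-level conditions an SP must check itself."""
    root = ET.fromstring(xml_text)
    code = root.find("samlp:Status/samlp:StatusCode", NS)
    if code is None or code.get("Value") != "urn:oasis:names:tc:SAML:2.0:status:Success":
        return False, "status is not Success", None
    assertions = root.findall("saml:Assertion", NS)
    if len(assertions) != 1:  # refuse ambiguous responses carrying several assertions
        return False, "expected exactly one Assertion", None
    a = assertions[0]
    if a.findtext("saml:Issuer", default="", namespaces=NS).strip() != expected_issuer:
        return False, "unexpected Issuer", None
    cond = a.find("saml:Conditions", NS)
    if cond is None or cond.get("NotOnOrAfter") is None:  # an assertion without expiry is rejected
        return False, "missing Conditions or NotOnOrAfter", None
    not_before = cond.get("NotBefore")
    if (not_before and now < parse_saml_time(not_before)) or now >= parse_saml_time(cond.get("NotOnOrAfter")):
        return False, "outside validity window", None
    audiences = [(x.text or "").strip() for x in cond.findall("saml:AudienceRestriction/saml:Audience", NS)]
    if expected_audience not in audiences:  # the assertion must be addressed to this SP
        return False, "Audience mismatch", None
    return True, "ok", a.findtext("saml:Subject/saml:NameID", default="", namespaces=NS).strip()
```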

# Using a federation service

The service provider can establish a SAML2 federation service on their side. Examples of such federation services are:

  • Microsoft Active Directory Federation Services (AD FS)
  • Oracle Identity Federation (OIF)
  • SimpleSAML, a PHP-based solution developed through a project led by UNINETT in Norway.

The IdP, and the other communication parameters between the SP and the IdP, are configured in this SAML 2.0 federation service. Once the SAML2 configuration has been established, you define the matching SAML2 configuration in your federation system.

Last updated: 26/02/2024 08:12 UTC