Security Assertion Markup Language (SAML) is an XML based security token which is used to exchange authentication and authorization data between two entities. It is one of the most widely used open standards to perform brokered authentication and web browser based single-sign-on. "Assertion Query/Request Profile" defines a protocol for requesting dynamic or existing assertions by reference or by querying on the basis of a subject and additional statement-specific criteria. Assertion Query/Request Profile defines five major request/query message types which can be used to request assertions from SAML authority.

  1. AssertionIDRequest
  2. SubjectQuery
  3. AuthnQuery
  4. AttributeQuery
  5. AuthzDecisionQuery



Gayan Liyanaarachchi


  • Omindu