SAML Development Guide
Security Boulevard, Wednesday, February 4th, 2026
Ever felt like you're drowning in xml tags while trying to get a simple login working? SAML is that old-school beast that still runs the show for big enterprise deals, even if it feels a bit clunky compared to modern stuff.
In this world, we talk about two main players. The identity provider (idp) is the source of truth-think of it as the vault
Anatomy of a SAML Assertion
So you've survived the high-level talk, now let's actually look at the xml. Think of a SAML assertion as the "meat" inside the sandwich; it's the actual claim that says "Hey, this person is definitely who they say they are."
When you're digging through a response, the assertion is where the real data lives.