SAMLv2.0 HTTP POST “SimpleSign” Binding

Approved: 27 Mar 2008

Defines a SAML HTTP protocol binding, specifically using the HTTP POST method, and not using XML Digital Signature for SAML message data origination authentication. Rather, a “sign the BLOB” technique is employed wherein a conveyed SAML message is treated as a simple octet string if it is signed. Conveyed SAML assertions may be individually signed using XMLdsig. Security is optional in this binding.

Security

Produced by:

Security Services (SAML) TC

Voting history:

March 2008

Voting History

OASIS Standard:

Committee Specification 01

HTML
PDF
ODT

Cite as:

Cite as:
[SAML2.0-binding-simplesign] SAMLv2.0 HTTP POST "SimpleSign" Binding. Edited by Jeff Hodges and Scott Cantor. 27 March 2008. OASIS Committee Specification 01. http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simplesign-cs-01.html. Latest version: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-binding-simplesign.html.

SAMLv2.0 HTTP POST “SimpleSign” Binding

Produced by:

Voting history:

OASIS Standard:

Cite as:

The work of OASIS is supported by organizations from around the world. Members include: