XACML SAML Profile Version 2.0
Defines a profile for the integration of the OASIS Security Assertion Markup Language (SAML) Version 2.0 with all versions of XACML. SAML 2.0 complements XACML functionality in many ways, so a number of somewhat independent functions are described in this profile:
1) use of SAML 2.0 Attribute Assertions with XACML, including the use of SAML Attribute Assertions in a SOAP Header to convey Attributes that can be consumed by an XACML PDP
2) use of SAML to carry XACML authorization decisions, authorization decision queries, and authorization decision responses
3) use of SAML to carry XACML policies, policy queries, and policy query responses
4) use of XACML authorization decisions or policies as Advice in SAML Assertions
5) use of XACML responses in SAML Assertions as authorization tokens.
Particular implementations may provide only a subset of these functions.
Produced by:
OASIS eXtensible Access Control Markup Language (XACML) TCVoting history:
August 2014
OASIS Standard:
Cite as:
Cite as:
[XACML-SAML-v2.0]
XACML SAML Profile Version 2.0. Edited by Erik Rissanen. 19 August 2014. OASIS Committee Specification 02. http://docs.oasis-open.org/xacml/xacml-saml-profile/v2.0/cs02/xacml-saml-profile-v2.0-cs02.html. Latest version: http://docs.oasis-open.org/xacml/xacml-saml-profile/v2.0/xacml-saml-profile-v2.0.html.