Gemalto is now part of the Thales Group, find out more.

SAML Authentication

What is SAML Authentication?

SAML Authentication is a method of identity verification that leverages an identity provider to authenticate users centrally to a broad range of unaffiliated websites. By relaying the authentication process to a single trusted identity provider, organizations realize numerous security, administration and cost savings benefits, and above all, relieve users of the need to maintain dozens of different usernames and passwords.

Created by the OASIS non-profit consortium, SAML (Security Assertion Markup Language) is an open, XML-based standard, or protocol, for exchanging authentication and authorization information between an identity provider, such as SafeNet Trusted Access, and a relying party or service provider, meaning a cloud or web app such as Office 365, Salesforce, AWS, Zendesk, Dropbox, etc.

Token-based authentication, security token services, federated authentication and identity federation are all terms that describe the capabilities that a SAML identity provider offers.

How does SAML Authentication Work?

  1. With SAML authentication, each time a user accesses an app, the authentication process is relayed to the SAML identity provider.
  2. The user enters their credentials (e.g. password, OTP, contextual attributes), which are then verified by the identity provider.
  3. The identity provider returns an access or reject response in the form of a SAML assertion. If authentication is successful, the user is granted access to the resource, and if not, access is denied.

Figure 1: SAML Identity Providers authenticate users and issue a SAML Assertion to relying apps

What is the User Experience with SAML Authentication?

  1. A user accesses an app, and is redirected to the identity provider for authentication.
  2. They enter their credentials into the login portal.
  3. Upon successful authentication, they are logged in to the resource.

Benefits of SAML Authentication in the Enterprise

  • A single user identity for all resources
  • 20% lower help desk costs
  • Reduced risk of a data breach
  • Single pane management of apps and identities

Why SafeNet Trusted Access for SAML Authentication?

Each cloud and web application works with a different set of SAML attributes, which may include one or more of various fields such as User ID, email address, group membership, postal address, alias and others. Therefore, in order to successfully integrate a central SAML identity provider with a cloud or web app, the identity provider must be able to provide these details in the SAML assertion.
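The check described above, as an added example that is not SafeNet Trusted Access or Gemalto code: it parses a constructed SAML 2.0 response, reads the access-or-reject status, and reports which attributes a given app still lacks. The app names and attribute names are hypothetical, and signature and condition validation, which a real service provider must perform before trusting any assertion, is left out.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"

# Constructed sample response (unsigned, trimmed to the elements used here).
SAMPLE_RESPONSE = """\
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
  <saml:Assertion>
    <saml:Subject><saml:NameID>alice@example.com</saml:NameID></saml:Subject>
    <saml:AttributeStatement>
      <saml:Attribute Name="email"><saml:AttributeValue>alice@example.com</saml:AttributeValue></saml:Attribute>
      <saml:Attribute Name="groups">
        <saml:AttributeValue>finance</saml:AttributeValue>
        <saml:AttributeValue>vpn-users</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>
"""

# Hypothetical per-app requirements; real apps document their own attribute names.
REQUIRED = {"crm-app": {"email", "groups"}, "helpdesk-app": {"email", "alias"}}

def parse_response(xml_text):
    """Return (authenticated, name_id, attributes) from a SAML 2.0 Response."""
    # No XML signature or Conditions check here: integration testing only.
    root = ET.fromstring(xml_text)
    code = root.find("samlp:Status/samlp:StatusCode", NS)
    ok = code is not None and code.get("Value") == SUCCESS
    assertion = root.find("saml:Assertion", NS)
    if not ok or assertion is None:
        return False, None, {}
    name_id = assertion.findtext("saml:Subject/saml:NameID", namespaces=NS)
    attrs = {}
    for attr in assertion.iterfind("saml:AttributeStatement/saml:Attribute", NS):
        values = [v.text or "" for v in attr.iterfind("saml:AttributeValue", NS)]
        attrs[attr.get("Name")] = values
    return True, name_id, attrs

def missing_attributes(app, attrs):
    """Attributes the app needs that the assertion did not carry (or left empty)."""
    return sorted(a for a in REQUIRED[app] if not any(attrs.get(a, [])))
```

Running `missing_attributes` against each app in the catalogue before go-live shows which attribute mappings the identity provider still has to release.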

SafeNet Trusted Access makes it a breeze to apply single sign-on using SAML authentication, as it offers a catalogue of pre-integrated applications. Just add the cloud or web app that you already use today, and start applying Smart Single Sign-On with business-driven access policies.


Figure 2: SAML Authentication - User Experience
