Security Assertion Markup Language (SAML) is a standards-defined protocol. The specification defines the syntax and semantics for assertions made about a subject. Subjects are typically end users of a system. SAML assertions and protocol messages are XML-encoded but rely on HTTP-based mechanisms for transport between entities.

SAML enables web-based Single Sign On (SSO). It also provides for centralized federated identity and authentication management. Microsoft Active Directory Federation Services (AD FS) is the SAML-based Identity Provider (IdP) which has been tested and which is referred to in this document. However, other IdPs may also work. AD FS is a standards-based service running on a Microsoft box that allows the secure sharing of identity information between trusted parties. In general terms, this is known as a federation. AD FS supports SAML, essentially playing the role of a SAML IdP. The LoadMaster supports SAML, playing the role of a SAML service provider. The service provider provides secure, gated access to a resource.