Glossary

SAML

Security Assertion Markup Language — an XML-based standard for federated single sign-on.

Security Assertion Markup Language (SAML) 2.0 is an XML-based standard for federated single sign-on between identity providers and applications. In a SAML SSO flow, the app redirects the user to the identity provider (Entra ID); the IdP authenticates and returns a signed XML assertion with claims about the user; the app validates the signature and creates a session. Each application has its own Entity ID, Reply URL (ACS URL), claim mappings, and signing certificate. Microsoft Entra ID supports SAML for thousands of SaaS apps via the enterprise applications gallery. SAML is mature and ubiquitous in legacy enterprise SaaS; modern apps increasingly prefer OpenID Connect (OIDC), but SAML remains widely used.
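The sketch below is an added example, not code from this glossary or from Microsoft. It shows where an application's Entity ID and Reply URL (ACS URL) appear inside an assertion and how the app checks them before creating a session. The Entity ID, ACS URL, placeholder tenant ID and the sample assertion are constructed, and the assertion's signature is assumed to have already been verified with a dedicated XML-signature library.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"a": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Constructed values for illustration (assumptions, not from the glossary entry).
SP_ENTITY_ID = "https://app.example.com/saml/metadata"
SP_ACS_URL = "https://app.example.com/saml/acs"
IDP_ISSUER = "https://sts.windows.net/00000000-0000-0000-0000-000000000000/"

# Constructed, unsigned assertion. A real one carries a ds:Signature
# element that must be verified against the IdP signing certificate first.
SAMPLE = f"""<Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="_a1" Version="2.0">
  <Issuer>{IDP_ISSUER}</Issuer>
  <Subject>
    <NameID>alice@example.com</NameID>
    <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
      <SubjectConfirmationData Recipient="{SP_ACS_URL}" NotOnOrAfter="2024-01-01T12:05:00Z"/>
    </SubjectConfirmation>
  </Subject>
  <Conditions NotBefore="2024-01-01T11:55:00Z" NotOnOrAfter="2024-01-01T13:00:00Z">
    <AudienceRestriction><Audience>{SP_ENTITY_ID}</Audience></AudienceRestriction>
  </Conditions>
</Assertion>"""

def _ts(value):
    # SAML timestamps are UTC xs:dateTime values such as 2024-01-01T12:00:00Z.
    return datetime.fromisoformat(value.replace("Z", "+00:00")) if value else None

def check_assertion(xml_text, now):
    """Return the list of failed checks; an empty list means acceptable."""
    root = ET.fromstring(xml_text)
    errors = []
    if root.findtext("a:Issuer", "", NS).strip() != IDP_ISSUER:
        errors.append("issuer")            # assertion came from another IdP/tenant
    audiences = [e.text.strip() for e in root.iterfind("a:Conditions/a:AudienceRestriction/a:Audience", NS) if e.text]
    if SP_ENTITY_ID not in audiences:
        errors.append("audience")          # issued for a different application
    cond = root.find("a:Conditions", NS)
    # Policy choice in this example: a missing validity window fails closed.
    nb = _ts(cond.get("NotBefore")) if cond is not None else None
    noa = _ts(cond.get("NotOnOrAfter")) if cond is not None else None
    if nb is None or noa is None or not (nb <= now < noa):
        errors.append("conditions-window")
    scd = root.find("a:Subject/a:SubjectConfirmation/a:SubjectConfirmationData", NS)
    if scd is None or scd.get("Recipient") != SP_ACS_URL:
        errors.append("recipient")         # not addressed to this Reply URL
    elif (exp := _ts(scd.get("NotOnOrAfter"))) is None or now >= exp:
        errors.append("subject-expired")
    return errors
```

An assertion that carries a valid IdP signature but names another application's Entity ID or Reply URL still fails these checks, which is why each application's values must match what is registered for it at the IdP.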