Authenticate web service clients with a SAML (Security Assertion Markup Language) Token
Web Services Security SAML Token Profile 1.1 defines how to use Security Assertion Markup Language (SAML) V1.1 and V2.0 assertions with the Web Services Security (WSS): SOAP Message Security V1.1 specification. Liberty supports Web Services Security SAML Token Profile 1.1 for SAML v2.0 assertions with the bearer confirmation method.
About this task
Liberty supports SAML v2.0 with the bearer confirmation method (<SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">). A web services client propagates a SAML token to the web services provider to identify the requester, and the web services provider can use the information in this SAML token to authenticate the requester.
The requirement of a SAML token is expressed as one of the supporting tokens in the WS-Security policy. You can add a SamlToken requirement as a required token in one of the supporting token assertions, including SupportingTokens, SignedSupportingTokens, SignedEncryptedSupportingTokens, and EncryptedSupportingTokens.
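The following is an added example, not taken from the Liberty documentation: a small policy audit that reports which of the four supporting-token assertions carries a SamlToken requirement and whether that assertion signs or encrypts the token. The sample policy is constructed, the function name is hypothetical, and the namespaces are assumed to be those of WS-Policy 1.5 and WS-SecurityPolicy 1.2; adjust them if your policy files use other versions.

```python
import xml.etree.ElementTree as ET

# Assumed namespaces: WS-Policy 1.5 and WS-SecurityPolicy 1.2.
WSP = "http://www.w3.org/ns/ws-policy"
SP = "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"

# The four supporting-token assertions named above.
SUPPORTING = ("SupportingTokens", "SignedSupportingTokens",
              "SignedEncryptedSupportingTokens", "EncryptedSupportingTokens")

# Constructed sample policy: a SAML 2.0 token required as a signed supporting token.
SAMPLE_POLICY = f"""
<wsp:Policy xmlns:wsp="{WSP}" xmlns:sp="{SP}">
  <sp:SignedSupportingTokens>
    <wsp:Policy>
      <sp:SamlToken sp:IncludeToken="{SP}/IncludeToken/AlwaysToRecipient">
        <wsp:Policy>
          <sp:WssSamlV20Token11/>
        </wsp:Policy>
      </sp:SamlToken>
    </wsp:Policy>
  </sp:SignedSupportingTokens>
</wsp:Policy>
"""

def find_saml_token_requirements(policy_xml):
    """Return one dict per SamlToken found inside a supporting-token assertion."""
    root = ET.fromstring(policy_xml)
    found = []
    for name in SUPPORTING:
        for assertion in root.iter(f"{{{SP}}}{name}"):
            for token in assertion.iter(f"{{{SP}}}SamlToken"):
                # Token-type assertions (Wss...) sit in the nested wsp:Policy.
                types = [el.tag.split("}")[1] for el in token.iter()
                         if el.tag.startswith(f"{{{SP}}}Wss")]
                include = token.get(f"{{{SP}}}IncludeToken", "")
                found.append({
                    "assertion": name,
                    "signed": "Signed" in name,        # covered by the message signature
                    "encrypted": "Encrypted" in name,  # token is encrypted in the message
                    "token_types": types,
                    "include_token": include.rsplit("/", 1)[-1],
                })
    return found

if __name__ == "__main__":
    for requirement in find_saml_token_requirements(SAMPLE_POLICY):
        print(requirement)
```

A result with `"signed": False` and `"encrypted": False` means the SamlToken is required under plain SupportingTokens, so the policy itself does not ask for the bearer assertion to be covered by the message signature or encrypted.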