EDDYMENS

Last updated 2023-03-09 00:19:24

What Is SAML?


Definition

Security Assertion Markup Language (SAML) is an XML-based exchange format used to share identity information between an identity provider (IdP) and a software application in order to authenticate end users.

Use Cases and Examples

You know how you can access multiple Google products with your Gmail account? Gmail here is acting as an identity provider, and in theory SAML could be the format in which Gmail sends information to the other products to grant you access.

One of the benefits is that the end user needs to memorize just one credential instead of a separate one per application. Also, the user might not have to log in to the other applications once they are logged into the first one, which saves time.

Also, if a user's login credential is compromised, a mitigation plan can be applied at a central point, and further compromise can be avoided across several applications all at once. This, however, is a double-edged sword: if someone gains access to the user's credential, they can access several other systems, and if not stopped in time the effects can be catastrophic.

Summary

There are many identity provider tools out there. There is Keycloak, which is an open source identity provider, and OneLogin and Okta, both of which are paid services.
