A reference to a SAML message is called an artifact.
The receiver of an artifact resolves the reference by sending a In response, the service provider returns the SAML element referenced by the enclosed artifact.
In the following example, both the service provider and the identity provider use an HTTP POST Binding.
Initially, the service provider responds to a request from the user agent with a document containing an XHTML form.
For example, the service provider may use HTTP Redirect to send a request while the identity provider uses HTTP POST to transmit the response.
This example illustrates that an entity's choice of binding is independent of its partner's choice of binding.
When a principal (or an entity acting on the principal's behalf) wishes to obtain an assertion containing an authentication statement, a element, which implicitly requests an assertion containing an authentication statement, was evidently issued by a service provider (https://sp.example.com/SAML2) and subsequently presented to the identity provider (via the browser).
In general, a SAML 2.0 artifact is defined as follows (SAMLBind (0x0000) at the front of the artifact.
The next 20 bytes are the SHA-1 hash of the issuer's entity ID (https://idp.example.org/SAML2) followed by 20 random bytes.
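The artifact layout described above can be checked mechanically before an artifact is resolved. The following is an added example, not part of the original page: it assumes the type 0x0004 format from the SAML 2.0 Bindings specification (2-byte TypeCode, 2-byte EndpointIndex, 20-byte SourceID, 20-byte MessageHandle, all base64-encoded), and the function names `build_artifact` and `parse_artifact` are hypothetical.

```python
import base64
import hashlib
import hmac
import os
import struct

# Assumed layout: TypeCode(2) + EndpointIndex(2) + SourceID(20) + MessageHandle(20)
ARTIFACT_LEN = 44
TYPE_CODE_0004 = 0x0004


def build_artifact(issuer_entity_id, endpoint_index=0):
    """Construct a sample type 0x0004 artifact for the given issuer."""
    source_id = hashlib.sha1(issuer_entity_id.encode("utf-8")).digest()
    handle = os.urandom(20)  # the 20 random bytes
    raw = struct.pack(">HH", TYPE_CODE_0004, endpoint_index) + source_id + handle
    return base64.b64encode(raw).decode("ascii")


def parse_artifact(artifact_b64, trusted_issuers):
    """Decode an artifact and map its SourceID to a trusted issuer entity ID.

    Raises ValueError if the artifact is malformed or its issuer is unknown.
    """
    try:
        raw = base64.b64decode(artifact_b64, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("artifact is not valid base64") from exc
    if len(raw) != ARTIFACT_LEN:
        raise ValueError(f"expected {ARTIFACT_LEN} bytes, got {len(raw)}")
    type_code, endpoint_index = struct.unpack(">HH", raw[:4])
    if type_code != TYPE_CODE_0004:
        raise ValueError(f"unsupported artifact type 0x{type_code:04x}")
    source_id, handle = raw[4:24], raw[24:44]
    # Only resolve artifacts whose SourceID matches a configured issuer.
    for entity_id in trusted_issuers:
        expected = hashlib.sha1(entity_id.encode("utf-8")).digest()
        if hmac.compare_digest(expected, source_id):
            return {"issuer": entity_id, "endpoint_index": endpoint_index,
                    "message_handle": handle.hex()}
    raise ValueError("SourceID does not match any trusted issuer")


if __name__ == "__main__":
    sample = build_artifact("https://idp.example.org/SAML2")  # constructed sample
    print(parse_artifact(sample, ["https://idp.example.org/SAML2"]))
```

Rejecting artifacts whose SourceID is not in the configured issuer list keeps the receiver from sending resolution requests on behalf of unknown parties.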
Upon receipt, the process is reversed to recover the original message.
For example, encoding the https://idp.example.org/SAML2/SSO/Redirect?SAMLRequest=fZFfa8IwFMXfBb9DyXvaJtZ1BqsURRC2Mabbw95ivc5Am3TJrXPffmmLY3/A15Pzuyf33On8XJXBCaxTRmeEhTEJQBdmr/RbRp63K3pL5rPhYOpkVdYib/Con+C9AYfDQRB4WDvRvWWksVoY6ZQTWlbgBBZik9/fCR7GorYGTWFK8pu6DknnwKL/WEetlxmR8sBHbHJDWZqOKGdsRJM0kfQAjCUJ43KX8s78ctnIz+lp5xpYa4dSo1fjOKGM03i8jSeCMzGevHa2/BK5MNo1FdgN2JMqPLmHc0b6WTmiVbsGoTf5qv66Zq2t60x0wXZ2RKydiCJXh3CWVV1CWJgqanfl0+in8xutxYOvZL18NKUqPlvZR5el+VhYkAgZQdsA6fWVsZXE63W2itrTQ2cVaKV2CjSSqL1v9P/AXv4C contains information not known by the IdP beforehand, such as Assertion Consumer Service URL, signing the request is recommended for security purposes.
Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML standard for exchanging authentication and authorization data between security domains.