SAML defines a number of request/response
protocols that allow
Service Providers to:
- Request from a SAML authority one or more assertions (includes a direct request of the desired assertions, as well as querying for assertions that meet particular criteria)
- Request that an Identity Provider (IDP) authenticate a principal and return the corresponding assertion
- Request that a name identifier be registered
- Request that the use of an identifier be terminated
- Retrieve a protocol message that has been requested by means of an artifact
- Request a near-simultaneous logout of a collection of related sessions ("Single Logout Profile")
- Request a name identifier mapping
There might be more information for this subject on one of the following: