Differences Between SAML V2.0 and SAML V1.1

SAML V2.0 represents a significant feature upgrade to SAML V1.1. The enhancements include features derived from the Liberty Alliance Identity Federation Framework (ID-FF) V1.2 specifications that were contributed to the SSTC in 2003, capabilities present in Internet2's Shibboleth architecture, and enhancement requests resulting from experience with numerous deployments of SAML V1.x in the industry.

The on-the-wire representations of SAML V2.0 assertions and protocol messages are incompatible with SAML V1.x processors. As is explained in the SAML Assertions and Protocols specification, only new major versions of SAML (of which this is one) typically cause this sort of incompatibility. In this release, much of the incompatibility is syntactic in nature; this was done for consistency and better component symmetry.
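The following is an added example, not part of the original document, showing how a V2.0-only processor can recognize and refuse V1.x messages by their syntax before any further processing. The namespace URIs and version attribute names come from the published OASIS SAML schemas rather than from this page; the function names are hypothetical and the sample messages are constructed.

```python
import xml.etree.ElementTree as ET

# Namespace URIs from the OASIS SAML schemas (assumption: not quoted on this page).
SAML1_NS = {"urn:oasis:names:tc:SAML:1.0:assertion",
            "urn:oasis:names:tc:SAML:1.0:protocol"}
SAML2_NS = {"urn:oasis:names:tc:SAML:2.0:assertion",
            "urn:oasis:names:tc:SAML:2.0:protocol"}

def saml_version(xml_text):
    """Return '1.0', '1.1' or '2.0' for a SAML root element, else raise ValueError."""
    # For untrusted input, parse with a hardened XML parser instead.
    root = ET.fromstring(xml_text)
    if not root.tag.startswith("{"):
        raise ValueError("root element has no namespace")
    ns = root.tag[1:].split("}", 1)[0]
    major, minor = root.get("MajorVersion"), root.get("MinorVersion")
    version = root.get("Version")
    if ns in SAML2_NS:
        # V2.0 roots carry a single Version attribute and no V1.x pair.
        if version != "2.0" or major is not None or minor is not None:
            raise ValueError("V2.0 namespace with inconsistent version attributes")
        return "2.0"
    if ns in SAML1_NS:
        # V1.0 and V1.1 share a namespace and differ only in MinorVersion.
        if major != "1" or minor not in ("0", "1") or version is not None:
            raise ValueError("V1.x namespace with inconsistent version attributes")
        return "1." + minor
    raise ValueError("not a SAML namespace: " + ns)

def accept_for_v2_processor(xml_text):
    """Gate for a V2.0-only processor: True only for a consistent V2.0 root."""
    try:
        return saml_version(xml_text) == "2.0"
    except (ValueError, ET.ParseError):
        return False

# Constructed sample messages (hypothetical issuer and identifiers).
V11 = ('<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" '
       'MajorVersion="1" MinorVersion="1" AssertionID="_a1" '
       'Issuer="https://idp.example.org" IssueInstant="2005-01-01T00:00:00Z"/>')
V20 = ('<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
       'Version="2.0" ID="_a2" IssueInstant="2005-01-01T00:00:00Z">'
       '<saml:Issuer>https://idp.example.org</saml:Issuer></saml:Assertion>')
MIXED = ('<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
         'MajorVersion="1" MinorVersion="1" AssertionID="_a3"/>')
```

This gate only classifies the message syntax; it runs before, and does not replace, signature and condition validation.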

Specification Organization Changes

General Changes

XML Signature and XML Encryption Support

Name Identifier, Subject, and Subject Confirmation Changes

General Assertion Changes

Authentication Statement Changes

Attribute Statement Changes

General Request-Response Protocol Changes

Changes to SAML Queries

New SAML Protocols

Bindings Changes

Profiles Changes