11
A Third way SAML is being
used:
Entitlement Authorization
Entitlement Authorization
•The identity provider gives information about what actions the user is entitled (authorized) to do.
"John
Doe is not entitled to read the employee salaries."
SAML Assertion
(an authorization assertion)