In the federated environment, the IdP and the SP need to exchange the authentication and authorization data. SAML is a XML-based standard format to present the data. This standard was first introduced in 2001 by OASIS Security Services Technical Committee and the latest version available is 2.0. This is a commonly used standard by many federation service providers and application developers to provide a single sign-on (SSO) experience. Claims request and processing of it is exactly the same as the example used in the previous section and the only difference will be the format of the token request and response. It will use signed XML files as the token. In the SAML terminology, generated security tokens in IdP end are called asserts and the decryption and processing of the assert in the SP end is called assertion.