Why We Should Kill Saml2 – Anders Abel – NDC Security 2022

Despite Saml2 being a well-established standard for single sign-on, it is horrible. Just about every implementation I’ve investigated has been broken, including finding flaws in .NET Framework’s SignedXml implementation.

Looking at how Saml2 approaches the top 10 challenges of a single sign-on protocol makes a strong argument for why OpenID Connect is better on every single point.


