Configuration Guides › Policy Server Configuration Guide › Authentication Schemes › SAML Session Ticket Authentication › Multistep Authentication Using SAML Session Tickets Without Signed XML Documents › How the Consumer Uses the Assertion (Multi-step)

How the Consumer Uses the Assertion (Multi-step)

The assertion is passed by the authentication service to the web service consumer for subsequent web service requests. Because the requesting SOAP document contains the assertion and the XML document, the web service consumer is not rechallenged by other web services hosted by the same Policy Server.

In this model, the web service consumer does not sign each XML document request, assuming the destination URL does not require a signed document.