SPML is an XML-based standard specification for exchanging provisioning-related data and operations. The functional specification of SPML defines a provisioning lingua franca to express provisioning commands and related information in a standard way.
SAML, also an XML-based standard, enables applications to exchange security-related data by specifying a standard way to make assertions concerning the identity, attributes and entitlements of a subject (e.g., a person). This makes SAML a key pillar for interoperable identity services.
As the scope of user activities expands, companies, applications and users require enhanced control over the myriad of identity-related records pertaining to a given person, which are often scattered across various systems and even domains. Furthermore, cross-domain application development is challenging as each domain authority manages its data differently. Standards such as SAML and SPML help negotiate these challenges by facilitating better interoperability among identity services and applications, enabling an improved and more streamlined experience for application users.
Interoperable identity services are inevitable in order to sustain the growth of the identity management market and the growth of related application capabilities in the future. SPML and SAML are two promising (and evolving) standards that can help realize that future.