Saml2SecurityTokenHandler Class

[Starting with the .NET Framework 4.5, Windows Identity Foundation (WIF) has been fully integrated into the .NET Framework. The version of WIF addressed by this topic, WIF 3.5, is deprecated and should only be used when developing against the .NET Framework 3.5 SP1 or the .NET Framework 4. For more information about WIF in the .NET Framework 4.5, also known as WIF 4.5, see the Windows Identity Foundation documentation in the .NET Framework 4.5 Development Guide.]

Represents a security token handler that creates security tokens from SAML 2.0 Assertions.

Namespace: Microsoft.IdentityModel.Tokens.Saml2
Assembly: Microsoft.IdentityModel (in Microsoft.IdentityModel.dll)


Dim instance As Saml2SecurityTokenHandler


Public Class Saml2SecurityTokenHandler
    Inherits SecurityTokenHandler
public class Saml2SecurityTokenHandler : SecurityTokenHandler
public ref class Saml2SecurityTokenHandler : public SecurityTokenHandler
public class Saml2SecurityTokenHandler extends SecurityTokenHandler
public class Saml2SecurityTokenHandler extends SecurityTokenHandler


The Saml2SecurityTokenHandler class serializes and deserializes security tokens backed by SAML 2.0 Assertions into Saml2SecurityToken objects. Security token handlers are responsible for creating, reading, writing, and validating tokens.

You can configure a security token service (STS) or relying party (RP) application to process SAML 2.0 Assertion-backed security tokens by adding an instance of the Saml2SecurityTokenHandler class to the SecurityTokenHandlerCollection object configured for the service (or application). This can be done either programmatically or in the configuration file. The handler itself is configured from the configuration specified for the collection through the collection’s Configuration property when it is added to the collection. While it is possible to configure the handler individually by setting its Configuration property, this is not normally necessary; however, if the handler must be configured individually, the property should be set after the handler is added to the collection. For more information about configuring security token handlers, see the Token Handler Configuration topic.

For many scenarios, the Saml2SecurityTokenHandler class can be used as-is; however, the class provides many extension points through the methods it exposes. By deriving from the Saml2SecurityTokenHandler and overriding specific methods, you can modify the functionality of the token processing provided in the default implementation, or you can add processing for extensions to the SAML Assertion specification that may be needed in some custom scenarios. For information about how to add a custom security token handler to an application, see the How to: Add a Custom Token Handler topic.

Additional information about security token handlers can be found in the topics under the Token Handlers topic.

Inheritance Hierarchy


Thread Safety

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.


Target Platforms

Windows 7, Windows Server 2008 R2, Windows Vista SP2, Windows Server 2008 SP2, Windows Server 2003 SP2 (32-bit or 64-bit)

See Also


Saml2SecurityTokenHandler Members
Microsoft.IdentityModel.Tokens.Saml2 Namespace
Saml2SecurityToken Class

Other Resources

Token Handlers
What is Windows Identity Foundation?

Copyright © 2008 by Microsoft Corporation. All rights reserved.