1.3 Overview

The Security Assertion Markup Language (SAML) Proxy Request Signing Protocol (SAMLPR) provides the capability for AD FS proxy servers to have the AD FS STS server for an installation perform operations that require knowledge of the configured keys and other state information about federated sites known by the Security Token Service (STS) server. For more information, see [WS-Trust1.3]. In particular, proxy servers use the SAMLPR Protocol to have the STS server in an installation perform SAML (see [SAMLCore2] and [SamlBinding]) signature operations upon messages to be sent. Multiple proxy servers can use a single STS server.

The protocol is stateless, with the parameters of each message being fully self-contained.