The Security Assertion Markup Language (SAML) is an XML-based standard that is used to describe and exchange authentication and authorization information between different security domains. SAML passes information about users between identity providers and service providers in XML documents called SAML assertions.

You can use SAML authentication to integrate VMware Horizon with VMware Workspace ONE, VMware Workspace ONE Access, or a qualified third-party load balancer or gateway. When configuring SAML for a third-party device, refer to the vendor documentation for information on configuring VMware Horizon to work with it. When SSO is enabled, users who log in to VMware Workspace ONE Access or a third-party device can launch remote desktops and applications without having to go through a second login procedure. You can also use SAML authentication to implement smart card authentication on VMware United Access Gateway, or on third-party devices.

To delegate responsibility for authentication to Workspace ONE, VMware Workspace ONE Access, or a third-party device, you must create a SAML authenticator in VMware Horizon. A SAML authenticator contains the trust and metadata exchange between VMware Horizon and Workspace ONE, VMware Workspace ONE Access, or the third-party device. You associate a SAML authenticator with a Connection Server instance.