Assertion

An assertion is a cryptographically protected, verifiable claim issued by an identity provider about a subject's identity, authentication status, and authorization attributes, used to enable secure access control and single sign-on.

An assertion is a verifiable statement or claim issued by a trusted entity, typically an identity provider (IdP), about a subject such as a user or system. It encapsulates structured data about the subject's identity, authentication status, and authorization parameters — including unique identifiers, group memberships, roles, and permissions. Assertions are foundational to protocols like SAML, OAuth, and OpenID Connect, enabling secure communication of identity information across distributed systems.

To ensure integrity and authenticity, assertions are cryptographically protected, most commonly through digital signatures, which prevent tampering and validate the issuing authority. Relying parties, such as service providers, consume these validated assertions to make access control decisions, enabling seamless single sign-on (SSO) experiences while enforcing granular security policies. The accurate generation, transmission, and validation of assertions is critical for maintaining trust relationships, upholding a strong security posture, and ensuring compliance within modern enterprise architectures.
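The relying-party checks described above, as an added example that is not part of the original page: the assertion is accepted only if its integrity tag, issuer, audience, and expiry all check out. HMAC-SHA256 with a shared key stands in for the IdP's digital signature so the code needs only the standard library; the key, URLs, claim names, and the `issue`, `validate`, and `tamper` helpers are constructed for illustration.

```python
import base64, hashlib, hmac, json

# Constructed values for this example (assumptions, not from the page).
# HMAC-SHA256 stands in for the IdP's digital signature (stdlib only).
IDP_KEY = b"constructed-demo-key"
TRUSTED_ISSUER = "https://idp.example"
AUDIENCE = "https://app.example"

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue(claims: dict, key: bytes = IDP_KEY) -> str:
    """IdP side: serialize the claims and append a tag over the exact bytes."""
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    tag = hmac.new(key, body.encode(), hashlib.sha256).digest()
    return body + "." + _b64(tag)

def validate(assertion: str, now: float, key: bytes = IDP_KEY) -> dict:
    """Relying-party side: return the claims only if every check passes."""
    try:
        body, tag = assertion.split(".")
        expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
        # Verify integrity before trusting anything inside the assertion.
        if not hmac.compare_digest(expected, _unb64(tag)):
            raise ValueError("bad signature")
        claims = json.loads(_unb64(body))
        if not isinstance(claims, dict):
            raise ValueError("claims are not an object")
    except (ValueError, TypeError) as exc:
        raise ValueError(f"rejected: {exc}") from None
    if claims.get("iss") != TRUSTED_ISSUER:
        raise ValueError("rejected: untrusted issuer")
    if claims.get("aud") != AUDIENCE:
        raise ValueError("rejected: wrong audience")
    if not isinstance(claims.get("exp"), (int, float)) or now >= claims["exp"]:
        raise ValueError("rejected: expired")
    return claims

def tamper(assertion: str, **changes) -> str:
    """Test helper: alter claims without the key, keeping the original tag."""
    body, tag = assertion.split(".")
    claims = {**json.loads(_unb64(body)), **changes}
    return _b64(json.dumps(claims, sort_keys=True).encode()) + "." + tag
```

A validly issued assertion whose `roles` claim is changed in transit fails the integrity check, and an untampered one is still refused once `exp` has passed or when `aud` names a different relying party.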