SAML is a very general framework which will be used in a wide variety of environments. It is up to relying parties to decide what ASSERTING parties they trust for what purposes. For example, Company A MIGHT trust Company B to tell it if an individual was a Company B employee, but not to tell if the employee has a SECRET Clearance. Trust relationships must be established out of band. (Also, a certain amount of configuration INFORMATION, for example network ADDRESSES, will have to be exchanged out of band.)

SAML is a very general framework which will be used in a wide variety of environments. It is up to relying parties to decide what asserting parties they trust for what purposes. For example, Company A might trust Company B to tell it if an individual was a Company B employee, but not to tell if the employee has a Secret Clearance. Trust relationships must be established out of band. (Also, a certain amount of configuration information, for example network addresses, will have to be exchanged out of band.)