Assertions are the packets of security information transferred from the Identity Provider to the Service Provider. The following are three different types of statements in an Assertion:

• Authentication Statements

• Attribute Statements

• Authorization Decision Statements

Assertions that the Identity Provider issues have a validity period beyond which the service provider must reject the information. SAML uses Authentication Statement to validate identity of the user.