
SAML Assertion Replay

SAML assertion replay is the reuse of a previously valid SAML authentication assertion to gain unauthorized or repeated access. It matters because a signed assertion can still be abused if it is accepted more than once or outside its intended context.

What is SAML Assertion Replay?

Replay becomes more likely when assertions are long-lived, not bound to audience or request context properly, or not tracked for one-time use. It is a classic example of why authenticity alone is not enough without freshness and context validation.

What SAML Assertion Replay Commonly Supports

The term comes up most often in SSO hardening, assertion validation review, replay defense, and identity protocol testing.

SAML Assertion Replay vs. Fresh One-Time Assertion Acceptance

SAML assertion replay reuses a valid assertion outside its intended single-use context. Strong handling rejects stale or already used assertions.

Frequently Asked Questions

Why is replay a problem in SAML?

Because signed assertions can look legitimate even when they are being reused by an unauthorized party.

What helps prevent replay?

Short lifetimes, audience restrictions, request correlation, and one-time-use tracking all help.
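The four defenses listed above, combined in one service-provider-side check, as an added example (not code from the original page). It assumes the assertion's XML signature has already been verified by the SAML library, and uses a constructed, unsigned sample assertion; the audience and request IDs are illustrative.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion (no signature element). The checks below assume
# signature verification already succeeded; they only cover freshness/context.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  ID="_a1b2c3" IssueInstant="2024-01-01T12:00:00Z">
  <saml:Subject><saml:SubjectConfirmation>
    <saml:SubjectConfirmationData InResponseTo="_req42"
      NotOnOrAfter="2024-01-01T12:05:00Z" Recipient="https://sp.example/acs"/>
  </saml:SubjectConfirmation></saml:Subject>
  <saml:Conditions NotBefore="2024-01-01T11:59:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
    <saml:AudienceRestriction><saml:Audience>https://sp.example</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions>
</saml:Assertion>"""


def _ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


class ReplayGuard:
    """Freshness and context checks for an already signature-verified assertion."""

    def __init__(self, audience, pending_requests, seen_ids=None, skew=timedelta(seconds=30)):
        self.audience = audience          # entity ID of this service provider
        self.pending = pending_requests   # AuthnRequest IDs we issued and have not consumed
        self.seen = seen_ids if seen_ids is not None else set()  # assertion IDs already accepted
        self.skew = skew                  # tolerated clock skew between IdP and SP

    def check(self, xml_text, now):
        a = ET.fromstring(xml_text)
        cond = a.find("saml:Conditions", NS)
        # 1. Short lifetime: enforce the validity window (with bounded skew).
        if not (_ts(cond.get("NotBefore")) - self.skew <= now < _ts(cond.get("NotOnOrAfter")) + self.skew):
            return "expired_or_not_yet_valid"
        # 2. Audience restriction: the assertion must be meant for this SP.
        if self.audience not in [e.text for e in cond.iterfind(".//saml:Audience", NS)]:
            return "bad_audience"
        # 3. One-time use: reject any assertion ID we have accepted before.
        if a.get("ID") in self.seen:
            return "replayed"
        # 4. Request correlation: InResponseTo must match an outstanding request.
        scd = a.find(".//saml:SubjectConfirmationData", NS)
        if scd is None or scd.get("InResponseTo") not in self.pending:
            return "unsolicited_or_unknown_request"
        self.seen.add(a.get("ID"))
        self.pending.discard(scd.get("InResponseTo"))
        return "ok"
```

In production the `seen` set must be shared across SP instances and expire entries only after the assertion's own NotOnOrAfter has passed, otherwise a replay against a different node still succeeds.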


George Mutune

I am a cyber security professional with a passion for delivering proactive strategies for day-to-day operational challenges. I am excited to be working with leading cyber security teams and professionals on projects that involve machine learning & AI solutions to solve the cyberspace menace and cut through the inefficiencies that plague today's business environments.