The SAML2 provider uses a trusted identity provider to authenticate users.
When you use the Security Assertion Markup Language 2.0 (SAML2) protocol in SAP Mobile Platform, you define a local service provider to determine authorizations based on information from a trusted identity provider. The trusted identity provider maintains its own database of users and their SAML2 attributes. When a user requests access to a resource, the service provider retrieves a SAML2 assertion from the identity provider. The service provider then reads the user name from the subject or one of the attributes in the SAML2 assertion to determine whether to grant the user access to the resource.