Which statement best describes SAML?

SAML is a standard that governs how authentication and authorization information is shared between trusted parties, typically an identity provider and a service provider, to enable single sign-on across domains. The key idea is that the identity provider issues a security assertion about a user, and the service provider consumes that assertion to decide whether to grant access. This assertion is usually an XML document that includes who the user is, when they were authenticated, and any attributes or entitlements, and it is digitally signed to ensure integrity and trust. That makes the best description the statement that it defines the format for security assertions exchanged between trusted parties. SAML isn’t a directory service like LDAP, nor does it encode credentials in a directory. It is also not unrelated to identity management; it is a central tool in federated identity and SSO implementations.