For web services, you can complete authentication and authorization using a SAML token.
The SAML token Authentication and Authorization are supported only in the following configuration:
Capability
Configured with a security policy set and binding that defines that a SAML pass-through 1.1 or SAML pass-through 2.0 token is present for authentication; see Authentication. The integration node provides only SAML pass-through support, which means that the SAML token is extracted and passed to an external Security Token Service (STS) for validation. The STS to be used is specified in a security profile. The STS processing can be used to implement authentication based on the SAML principal, and authorization based on SAML attributes.
Configured with a security profile defining the Policy Decision Point (PDP); see the PDP section that follows.
Configured by using a WS-Trust v1.3 STS security profile specifying authentication, authorization or both; see Creating a security profile for WS-Trust V1.3 (TFIM V6.2).