I'm struggling to design a SAML2.0 authentication for a REST API using a gateway. REST is used between my backend and my application. I'm using a Java Servlet filter and Spring.
It is still a draft, but the OAuth2 SAML bearer profile may be a possible solution: http://tools.ietf.org/html/draft-ietf-oauth-saml2-bearer-17
Use SAML2 to authenticate to an OAuth2 provider, then call your service with the OAuth2 token.
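
The two requests that flow implies, sketched in Java as an added example (not code from the original posts): the token request carries the assertion under the profile's `saml2-bearer` grant type, and the API call carries the returned token as a bearer credential. The endpoint URLs, the sample assertion and the token value are constructed placeholders, client authentication to the token endpoint is left out, and the requests are built but not sent.

```java
import java.net.URI;
import java.net.URLEncoder;
import java.net.http.HttpRequest;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class SamlBearerExample {
    // Grant type defined by the OAuth2 SAML bearer profile.
    static final String GRANT_TYPE = "urn:ietf:params:oauth:grant-type:saml2-bearer";

    // Step 1: form body that trades a signed SAML assertion for an access token.
    static String tokenRequestBody(String assertionXml) {
        // The profile carries the assertion XML base64url-encoded, without padding.
        String b64 = Base64.getUrlEncoder().withoutPadding()
                .encodeToString(assertionXml.getBytes(StandardCharsets.UTF_8));
        return "grant_type=" + URLEncoder.encode(GRANT_TYPE, StandardCharsets.UTF_8)
                + "&assertion=" + URLEncoder.encode(b64, StandardCharsets.UTF_8);
    }

    static HttpRequest tokenRequest(URI tokenEndpoint, String assertionXml) {
        return HttpRequest.newBuilder(tokenEndpoint)
                .header("Content-Type", "application/x-www-form-urlencoded")
                .POST(HttpRequest.BodyPublishers.ofString(tokenRequestBody(assertionXml)))
                .build();
    }

    // Step 2: call the REST service with the access token the provider returned.
    static HttpRequest apiRequest(URI resource, String accessToken) {
        return HttpRequest.newBuilder(resource)
                .header("Authorization", "Bearer " + accessToken)
                .GET()
                .build();
    }

    public static void main(String[] args) {
        // Constructed sample; a real assertion is issued and signed by the IdP.
        String assertion =
                "<saml:Assertion xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"_sample\"/>";
        // Hypothetical endpoints and token value, for illustration only.
        HttpRequest token = tokenRequest(
                URI.create("https://authz.example.com/oauth2/token"), assertion);
        System.out.println(token.method() + " " + token.uri());
        System.out.println(tokenRequestBody(assertion));

        HttpRequest api = apiRequest(
                URI.create("https://api.example.com/v1/items"), "SAMPLE_ACCESS_TOKEN");
        System.out.println(api.method() + " " + api.uri() + " " + api.headers().map());
    }
}
```

On the service side, the servlet filter then only has to validate the bearer token; checking the assertion's signature, audience and validity window is the OAuth2 provider's job at the token endpoint.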