The Security Assertion Markup Language (SAML) is an open standard for exchanging authorization and authentication information. The Web Browser SAML/SSO Profile with Redirect/POST bindings is one of the most common SSO implementations, and this cheat sheet focuses primarily on that profile. Refer to SAML Security (section 4.2.2) for additional information. This step will help counter the following attacks: Theft of User Authentication Information (7.1.2), theft of the Bearer Token, and Man-in-the-middle attacks.
Source: https://cheatsheetseries.owasp.org/cheatsheets/SAML_Security_Cheat_Sheet.html