The application uses the SAML protocol for secure authentication.
Upon successful authentication, the identity provider sends a SAML response.
The SAML assertion contains information about the user's identity.
The SAML attribute statement includes information about the user's roles.
The service provider's SAML metadata includes its endpoints and certificates.