
SAML and OIDC are commonly found in federated authentication. Which of the following statements about federated authentication is not true?
A. SAML assertions can be viewed as equivalent to OIDC claims.
B. The access token of a subject is trusted and passed across security domains.
C. A user registers only one account in the federated domains to fulfill single sign-on (SSO).
D. The relying party refers to the service provider in SAML or the OAuth2 client using OIDC.