What is a common challenge when implementing Security Assertion Markup Language (SAML) for
identity integration between on-premise environment and an external identity provider service?

A.
Some users are not provisioned into the service.

B.
SAML tokens are provided by the on-premise identity provider.

C.
Single users cannot be revoked from the service.

D.
SAML tokens contain user information.