Can IS validator SAML token on incoming request


I’m kind of new in webMethods, only working on it for the last 12 months.
I’m currently working on a request to validate SAML token on some incoming request.

Those request could be REST or SOAP.
I noticed that we can setup the SAML issuer in IS and I have done that.

Now I need to test it.
Just wonder how the token should attached in REST or SOAP request?
How do specify a service required SAML token validation?

In soap request, I usually attached the token to soap header surrounded by WSSE tag.