Setting "Format" attribute in NameIDPolicy of AuthnRequest.

Emilio Penna emilio.penna at
Wed May 14 18:22:45 EDT 2014

Hello, I'm starting with Shibboleth SP (version 2.5.3). Shibboleth SP is
generating AuthnRequest with

<samlp:NameIDPolicy AllowCreate="1" />

It works, and the IdP responds with a persistent identifier, but I need
the emailAddress as NameID...

The question: how can I configure shibboleth SP for adding the Format
attribute, i.e. generating:

<samlp:NameIDPolicy AllowCreate="1"
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" />

I tried adding the NameIDFormat attribute in the SSO element in
shibboleth2.xml but it isn't working.

thanks in advance

More information about the users mailing list