Setting "Format" attribute in NameIDPolicy of AuthnRequest.
trscavo at gmail.com
Wed May 14 19:45:27 EDT 2014
On Wed, May 14, 2014 at 6:47 PM, Kevin Foote <kpfoote at uoregon.edu> wrote:
> On May 14, 2014, at 3:40 PM, Tom Scavo <trscavo at gmail.com> wrote:
>> I don't think so. The SAML spec is pretty clear on that. It's a MUST in fact.
> Must have miss read the OP ..
> As an SP you can not dictate what the IdP sends. You are saying the SP can dictate what gets sent?
There are lots of things in the AuthnRequest that are MUSTs.
NameIDPolicy/@Format is one of them. If the IdP can't honor that, it
has to return an error.
More information about the users