Setting "Format" attribute in NameIDPolicy of AuthnRequest.

Tom Scavo trscavo at
Wed May 14 19:45:27 EDT 2014

On Wed, May 14, 2014 at 6:47 PM, Kevin Foote <kpfoote at> wrote:
> On May 14, 2014, at 3:40 PM, Tom Scavo <trscavo at> wrote:
>> I don't think so. The SAML spec is pretty clear on that. It's a MUST in fact.
> Must have miss read the OP ..
> As an SP you can not dictate what the IdP sends. You are saying the SP can dictate what gets sent?

There are lots of things in the AuthnRequest that are MUSTs.
NameIDPolicy/@Format is one of them. If the IdP can't honor that, it
has to return an error.


More information about the users mailing list