Setting "Format" attribute in NameIDPolicy of AuthnRequest.

Kevin Foote kpfoote at
Wed May 14 20:19:57 EDT 2014

> On May 14, 2014, at 4:45 PM, "Tom Scavo" <trscavo at> wrote:
>> On Wed, May 14, 2014 at 6:47 PM, Kevin Foote <kpfoote at> wrote:
>>> On May 14, 2014, at 3:40 PM, Tom Scavo <trscavo at> wrote:
>>> I don't think so. The SAML spec is pretty clear on that. It's a MUST in fact.
>> Must have miss read the OP ..
>> As an SP you can not dictate what the IdP sends. You are saying the SP can dictate what gets sent?
> There are lots of things in the AuthnRequest that are MUSTs.
> NameIDPolicy/@Format is one of them. If the IdP can't honor that, it
> has to return an error.

We are both attempting (from different angles) to say basically the same thing. 

Glad the OP is off and running dispute us ;-)

- sent from mobile

More information about the users mailing list