The definition of principal

Peter Schober peter.schober at
Fri Sep 26 11:00:57 EDT 2014

* Mike Flynn <shibbolethlynda at> [2014-09-26 16:55]:
> I am currently having a conversation with SuccessFactors / BizX with regard to their requiring that we use nameID as a unique, immutable ID token for the user.  Typically we use things like targeted-id/eppn/UID etc - Attributes passed to us.  I am trying to understand the following:
> Is this appropriate?If appropriate, can I configure my SP (v2.3.1)
> to pass nameID to the protected resource in some fashion?  Should I
> expect Successfactors to pass it as an attribute?

The Shib SP will expose persistent NameIDs as persistent-id by
default. For other nameFormats you'd have to add that to your
attribute-map.xml yourself,

More information about the users mailing list