IDP access to "RequesterID" ?

Michael A Grady mgrady at
Tue May 23 11:32:44 EDT 2017

> On May 23, 2017, at 9:21 AM, Cantor, Scott <cantor.2 at OSU.EDU> wrote:
>> It would be awesome if we didn't have to consider all of the proxied SPs to
>> be the same SP.  Does the IDP have access to the Scoping element (and the
>> RequesterID element inside of it) in a place that it could be used for making
>> decisions?
> We don't to my knowledge extract it but the AuthnRequest is in the inbound message context, which pretty much everything can access via the ProfileRequestContext so it's certainly accessible to scripts or code.
> Assuming there are some obvious places where one might want to operate on it, just file RFEs.
> -- Scott

Someone at Unicon had need to get at that, and I'm told (haven't tried it yet myself) that they got to it (omitting any error checking before referencing) via this:


Michael A. Grady
IAM Architect, Unicon, Inc.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list