IdP implementation roadmap
Cantor, Scott
cantor.2 at osu.edu
Fri Apr 19 09:08:21 EDT 2019
> If I remove explicitly
>
> <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-
> format:unspecified</md:NameIDFormat>
>
> from metadata it works properly and I can see NameID filled with mail.
>
> What have I broken?
Yes, it does do that. If an SP is asking for "unspecified" it is explicity saying it doesn't care what it gets, so the metadata is ignored. "unspecified" is the absence of a requirement, not a requirement. Just as it is the equivalent of not specifying a Format in a NameID, it is the equivalent of not specifying a Format in metadata.
-- Scott
More information about the users
mailing list