IdP implementation roadmap

Andrew Morgan morgan at
Sun Apr 21 10:55:42 EDT 2019

Search for "unspecified" on this wiki page:


On Sun, 21 Apr 2019, Yakov Revyakin wrote:

> SP declares support of 'unspecified' for username in documentation.
> SP doesn't provide any 'NameIDPolicy' in authnrequest.
> Even if IdP has all necessary settings for 'unspecified' the IdP doesn't
> return 'unspecified' because of lack of 'NameIDPolicy' in request.
> If my hand made SP metadata includes NameIDFormat as 'emailAddress' the SP
> doesn't look for username inside response because it waits for
> 'unspecified'.
> How to return NameID forcibly/directly as 'unspecified' (without any
> dependencies on authnrequest or metadata).
> Thanks
> On Fri, 19 Apr 2019 at 18:57, Cantor, Scott <cantor.2 at> wrote:
>>> You mean that if there are few options and one of them is 'unspecified'
>> then
>>> any other aren't considered as options, don't you?
>> Yes, that's what it's doing. I didn’t remember it was doing that, but the
>> V3 behavior is the same as the V2 behavior and that's why it was coded that
>> way. The problem with changing it is that it literally can change the
>> behavior of running systems after an upgrade. All to change how it handles
>> something that should never appear anywhere in any XML under any
>> circumstances. That's a poor justification for a change.
>> -- Scott
>> --
>> For Consortium Member technical support, see
>> To unsubscribe from this list send an email to
>> users-unsubscribe at

More information about the users mailing list