Equifax SP and Shibboleth IDP
Peter Schober
peter.schober at univie.ac.at
Tue Nov 26 03:02:12 EST 2019
* Zico <mailzico at gmail.com> [2019-11-26 07:49]:
> So far, I used to know that it's IDP which actually make decision on
> sending / not sending attributes to SP but seems like SP has a big part
> here in this transaction as well. Never seen this before!
Depending on the configuration of your IDP (which you don't mention)
the IDP can take SP metadata into account when releasing attributes or
selecting NameID formats.
SAML metadata is the sole basis for attribute release in some of the
largest and most wide-spread uses of SAML today (such as InCommon and
its interational peers, in some of those federations more than in
others).
-peter
More information about the users
mailing list