Equifax SP and Shibboleth IDP

Peter Schober peter.schober at univie.ac.at
Tue Nov 26 03:02:12 EST 2019

* Zico <mailzico at gmail.com> [2019-11-26 07:49]:
> So far, I used to know that it's IDP which actually make decision on
> sending / not sending attributes to SP but seems like SP has a big part
> here in this transaction as well. Never seen this before!

Depending on the configuration of your IDP (which you don't mention)
the IDP can take SP metadata into account when releasing attributes or
selecting NameID formats.

SAML metadata is the sole basis for attribute release in some of the
largest and most wide-spread uses of SAML today (such as InCommon and
its interational peers, in some of those federations more than in


More information about the users mailing list