IdP 3.3.1 to 3.4.6 -- transientID difference?

Leonard J. Peirce leonard.peirce at
Fri Feb 14 16:10:26 EST 2020

Full disclosure:  the 3.4.6 I'm using is a new install.

In configuring 3.4.6 I naturally tried to keep our config as
similar to 3.3.1 as possible but an SP we support is having
an issue.  The config for the SP is very simple, only two
attributes being released.

Looking at the audit log entries for the SP for 3.3.1 and
3.4.6 I see small differences namely, 1) the transientID
in the NameID being generated is different, and 2) the last
field in 3.4.6 is "true" where in 3.3.1 is is blank.

I also test with and the transientID is different but
I can't think of anything that I did that would've affected it.
I've checked the configs and secret keys/passwords between the
two versions and they are the same.  Looking the output of
strings for sealer.jks 3.3.1 and 3.4.6 shows minor differences.

I guess my question is:  should transientID be different between
3.3.1 and 3.4.6?


- Leonard

More information about the users mailing list