Request specified use of an unsupportable identifier format: urn:mace:shibboleth:1.0:nameIdentifier
Mak, Steve
makst at upenn.edu
Wed Jun 9 18:14:01 UTC 2021
Maybe others can correct me, but I believe the IdP's nameID format priority list goes like this:
1. relying party override
2. SAML request requirement
3. SP metadata preference list - as long as "unspecified" is not present
If no NameID Format is listed then the IdP will operate with "unspecified", otherwise it will consult the priority list.
Your cayuse integration is hitting the 1.0 NameID at #2. You can either get cayuse to fix their side or you can override with #1.
- Steve
More information about the users
mailing list