Adding a post authentication flow to an SP using metadata-driven configuration

Wessel, Keith kwessel at
Mon Oct 11 22:29:05 UTC 2021


I'm trying to get the context-check and warning flows to fire for a small set of SPs using a metadata-driven config. If I do the same thing with an override in my relying party config, it works, but I'm trying to avoid that.

I followed the example on the wiki and added this to my metadata provider:

        <MetadataFilter xsi:type="EntityAttributes">
            <saml:Attribute Name=""
                NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" >

But it's not firing. Logs show it's applying the entity attribute, but the warning flow and context-check flow don't run..

What am I overlooking?


More information about the users mailing list