attrname-format in SAML response with non-standard attributes
Nate Klingenstein
ndk at signet.id
Fri Aug 26 21:07:26 UTC 2022
> How much should the IdP care about the nameFormat, which in hasty prototypes of these unique attributes, seems to be released with
I'd say about as much as the SP cares about the nameFormat, which given the selected names, is probably zero. I would send them with either:
> urn:oasis:names:tc:SAML:2.0:attrname-format:basic
or
> urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified
and certainly wouldn't send
> urn:oasis:names:tc:SAML:2.0:attrname-format:uri
if you can possibly avoid it.
More information about the users
mailing list