IDPSSODescriptor containing list of attributes

Paul B. Henson henson at
Thu Nov 17 20:40:03 UTC 2022

So in my ongoing month long quest to get a clueless vendor onboarded to our idp, the latest thing they are saying is that idp metadata is supposed contain a list of attributes that will be sent to the service provider. Honestly, I had never heard of this, but double checking the specification, it seems it is indeed allowed, although nothing I have ever seen. And even if the idp metadata did contain a list of attributes, it appears to be defined as a generic list of attributes the idp supports, not the specific set of attributes it intends to release to a given SP.

I'm just curious, has anyone ever actually included attributes in their idp metadata or received metadata from someone else that did?

Paul B. Henson  |  (909) 979-6361  |
Operating Systems and Network Analyst  |  henson at
California State Polytechnic University  |  Pomona CA 91768

More information about the users mailing list