IDPSSODescriptor containing list of attributes

Cantor, Scott cantor.2 at
Thu Nov 17 21:18:52 UTC 2022

>    I'm just curious, has anyone ever actually included attributes in their
> idp metadata or received metadata from someone else that did?

It's just intended as something like an LDAP schema would be (though much less fancy), a general advertisement of what you can support, but no, it's never been used much and certainly has no obvious operational semantics. Same as the NameIDFormat element in IdP metadata.

Our IdP of course operationally leverages the SP NameIDFormat element and AttributeConsumingService elements. The SP can't really do that in the same way.

-- Scott

More information about the users mailing list