...
| Note |
|---|
Before continuing you should understand the concept of a name identifier and how to define and release attributes. |
...
Producing the Name Identifier
As discussed, name identifiers have different sets of properties (e.g. longevity, transparency). Therefore it should come as no surprise that there are multiple ways in which to produce the name identifier depending on which properties are required.
...
An IdP can express support for a name identifier format through its metadata. This is done by adding a <NameIDFormat> element to both the IdP's IDPSSODescriptor and AttributeAuthorityDescriptor roles. The value of this element should be the format as configured in the name identifier attribute encoder.
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat> |
...