...
This page refers to the following XML namespaces:
Prefix | Namespace URI | Description |
---|---|---|
saml | urn:oasis:names:tc:SAML:1.0:assertion | SAML 1.0/1.1 Assertion namespace |
saml2 | urn:oasis:names:tc:SAML:2.0:assertion | SAML 2.0 Assertion namespace |
Attributes
The following optional attributes are supported:
Name | Type | Default | Description |
---|---|---|---|
policyId | string | Optional identifier of a customized security policy to use when performing the query | |
subjectMatch | boolean | false | If true, enforces SAML "strong matching" requirements on the subject of the resulting assertions. By default, the IdP is trusted to return an assertion about the queried subject without explicitly comparing the result. |
exceptionId | string | Optional identifier of a special attribute to create in the event of a "transient" failure during the query. Errors are considered transient if they are caused by system outages or misconfiguration. If an IdP appears to support the query protocol (based on its metadata), then transient errors include any failure to obtain a successful SAML response or a violation of security policy while processing the result. | |
statusId 3.1 | string | In conjunction with |
exceptionId
exceptionI |
Child Elements
The following optional child elements are supported:
Name | Cardinality | Description | |
---|---|---|---|
<saml2:Attribute> | 0 or more | Supplies a set of attribute and value filters to include in any SAML 2.0 queries. | |
<saml1:AttributeDesignator> | 0 or more | Supplies a set of attribute designators to include in any SAML 1.x queries. |
These elements are defined in SAML itself and reused in the configuration.
...