This profile configuration enables and configures the SAML 2 SSO profile.
This profile is configured by adding the <ProfileConfiguration xsi:type="saml:SAML2SSOProfile" />
element to a RelyingParty
definition. This element supports the following basic attributes:
<ProfileConfiguration xsi:type="saml:SAML2SSOProfile" /> |
<ProfileConfiguration xsi:type="saml:SAML2SSOProfile" signAssertions="always" includeAttributeStatement="true"/> |
The SAML2 SSO profile configuration supports the following advanced configuration attributes:
Count
attribute in the assertion's ProxyRestriction
element, defaults to 0NotBefore
timestamp in the assertions' validity conditions, defaults to trueIn addition, the SAML 2 SSO profile configuration element supports two child elements.
<Audience>
, whose content is used to populate the <Audience>
elements of <AudienceRestriction
> element. This element may appear any number of times, one for each audience.<ProxyAudience>
, whose content is used to populate the Audience
elements of the <ProxyRestriction>
condition element. This element may appear any number of times, one for each audience.