Attribute Requester in Entity Group Matching Rule

This matching rules evaluates to true if the attribute requester's metadata is within a given entity group. An entity group is defined as any named <EntitiesDescriptor> element, i.e. the Name XML-Attribute of an <EntitiesDescriptor> element.

This filter requires that the metadata for the attribute requester is loaded and available.

Define the Rule

This rule is defined by the element <PolicyRequirementRule xsi:type="saml:AttributeRequesterInEntityGroup">, for policy requirements rules, and <PermitValueRule xsi:type="saml:AttributeRequesterInEntityGroup">, for permit value rules, with the following attributes:

groupID - the entity group to match

Example Policy Requirement Rule using the AttributeRequesterInEntityGroup Match Function

<PolicyRequirementRule xsi:type="saml:AttributeRequesterInEntityGroup" groupID="urn:example.org" />