IdPFilterRequirementAttributeIssuerEntityAttributeExactMatch
Attribute Issuer Entity Attribute Exact Matching Rule
This matching rules evaluates to true if the attribute issuer's metadata contains an Entity Attribute with a given value (since v2.3.4).
This filter requires that the metadata for the attribute issuer is loaded and available.
This filter only operates on Attribute
elements within the EntityAttributes
, it does not use any Assertion
elements.
Define the Rule
This rule is defined by the element <PolicyRequirementRule xsi:type="saml:AttributeIssuerEntityAttributeExactMatch">
, for policy requirements rules, and <PermitValueRule xsi:type="saml:AttributeIssuerEntityAttributeExactMatch">
, for permit value rules, with the following required attributes:
- attributeName - the name of the entity attribute
- attributeValue - the value the entity attribute must have
This rule also supports the following optional attribute:
- attributeNameFormat - the name format the entity attribute must have; otherwise any format is accepted
Example Policy Requirement Rule using the AttributeIssuerEntityAttributeExactMatch Match Function
<PolicyRequirementRule xsi:type="saml:AttributeIssuerEntityAttributeExactMatch" attributeName="urn:example.org:policy" attributeValue="urn:example.org:policy:ABCD1234" />