/
Audience Rule
Audience Rule
- Rod Widdowson
- Thomas Lenggenhager
- Scott Cantor
- Ian Young
Owned by Rod Widdowson
Last updated: Oct 19, 2022 by Thomas Lenggenhager
Identified by type="Audience", this rule processes SAML 1.x and 2.0 "AudienceRestriction" conditions. The set of allowed "audience" values are normally supplied within the rule configuration or can be supplied by unspecified means (e.g., the SP will normally ensure that its own entityID is an allowable value without special setup).
This is rarely required during normal use, and usually implies a misconfiguration by one or the other party.
Child Elements
Name | Cardinality | Description | |
|---|---|---|---|
<saml:Audience> | 0 or more | Supplies additional audience values to be allowed when evaluating conditions. This replaces the deprecated mechanism of including this element directly within an <ApplicationDefaults> or <ApplicationOverride> element. | |
Example
<PolicyRule type="Audience">
<saml:Audience xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://this.should.not.be.needed.com</saml:Audience>
</PolicyRule>
, multiple selections available,
Related content
Conditions Rule
Conditions Rule
Read with this
Policy
Policy
Read with this
PolicyRule
PolicyRule
Read with this
NativeSPAudience
NativeSPAudience
Read with this
SecurityPolicies
SecurityPolicies
Read with this