A SAML assertion can contain user attributes relating to the principal of the SAML token. A SAML assertion can contain multiple user attributes.
<saml:AttributeStatement> <saml:Attribute xmlns:x500= "urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500" NameFormat= "urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.20" FriendlyName="Address"> <saml:AttributeValue xsi:type="xs:string"> 11111 Parker Lane, Austin, Texas, 78758 </saml:AttributeValue> </saml:Attribute> </saml:AttributeStatement>
This table describes the parameters used in the assertion:
Parameter | Description |
---|---|
NameFormat | Specifies how the attribute is interpreted. |
Name | Indicates the formal name of the attribute. |
FriendlyName | Provides a user-friendly name for an attribute when the Name parameter is cryptic. |
AttributeValue | The value of the user attribute. The value can be a string, or a complex XML type. |