SAML user attributes
A SAML assertion can contain user attributes relating to the principal of the SAML token. A SAML assertion can contain multiple user attributes.
You can include user attributes in the token to communicate the
address of the person who is the SAML assertion principal. This example
shows a SAML assertion containing a user attribute:
<saml:AttributeStatement>
<saml:Attribute xmlns:x500=
"urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"
NameFormat=
"urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
Name="urn:oid:2.5.4.20"
FriendlyName="Address">
<saml:AttributeValue xsi:type="xs:string">
11111 Parker Lane, Austin, Texas, 78758
</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
This table describes the parameters used in the assertion:
Parameter | Description |
---|---|
NameFormat | Specifies how the attribute is interpreted. |
Name | Indicates the formal name of the attribute. |
FriendlyName | Provides a user-friendly name for an attribute when the Name parameter is cryptic. |
AttributeValue | The value of the user attribute. The value can be a string, or a complex XML type. |