SAML user attributes

A SAML assertion can contain user attributes relating to the principal of the SAML token. A SAML assertion can contain multiple user attributes.

You can include user attributes in the token to communicate the address of the person who is the SAML assertion principal. This example shows a SAML assertion containing a user attribute:
<saml:AttributeStatement>
  <saml:Attribute  xmlns:x500=
      "urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"
    NameFormat=
      "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
    Name="urn:oid:2.5.4.20"
    FriendlyName="Address">
          <saml:AttributeValue xsi:type="xs:string">
                      11111 Parker Lane, Austin, Texas, 78758
          </saml:AttributeValue>
  </saml:Attribute>
</saml:AttributeStatement>

This table describes the parameters used in the assertion:

Parameter Description
NameFormat Specifies how the attribute is interpreted.
Name Indicates the formal name of the attribute.
FriendlyName Provides a user-friendly name for an attribute when the Name parameter is cryptic.
AttributeValue The value of the user attribute. The value can be a string, or a complex XML type.

指出主題類型的圖示 概念主題



時間戳記圖示 前次更新: July 9, 2016 11:11
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=cwbs_samluserattributes
檔名:cwbs_samluserattributes.html