Tagged: saml2 This topic has 3 replies, 3 voices, and was last updated 6 years, 1 month ago by RaofM. Author Posts October 31, 2016 at 7:58 pm #14023 epleismanParticipant All, I have defined an IdP for testing my SP and SAML2. I am (for now) testing the assertion of 2 attributes: uid and mail. When I execute http://sso.pslntest.com:8080/openam/saml2/jsp/spSSOInit.jsp?metaAlias=/sp&idpEntityID=http://idp.psc.com:8080/openam and examine the assertions, I am only getting ONE attribute ever. If I change the attributes asserted around, I still only ever get the first attribute listed. What am I doing wrong (I am sure questions to follow in terms of my config). Thank you all. November 2, 2016 at 5:11 am #14037 RaofMParticipant Hi Epleisman, What NameID Format are you using unspecified or transient ? if unspecified: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified=uid urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress=mail if transient: urn:oasis:names:tc:SAML:2.0:nameid-format:transient=uid urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress=mail and what mappings you have on the SP side. -RaofM November 2, 2016 at 1:20 pm #14046 Peter MajorModerator NameID Value mapping with transient NameID Format is non spec compliant configuration. Please don’t suggest that. November 2, 2016 at 4:22 pm #14051 RaofMParticipant Hi Epleisman, Ignore my earlier comments as Peter said, Thanks Peter for correcting. -RaofM Author Posts Viewing 4 posts - 1 through 4 (of 4 total) You must be logged in to reply to this topic.