Federation Manager Guide › Federation Partnerships › Name ID and Attributes for the Assertion (Asserting Party)

Name ID and Attributes for the Assertion (Asserting Party)

The Name ID identifies a user in a unique way in the assertion. The format of the Name Identifier establishes the type of content used for the ID. Specifying the Name ID format is required because it is always included in the assertion.

Attributes in the assertion are optional; however, the target application can use them for customization.

To specify the Name ID format and other attributes

1. Select values for the Name ID Format and the Name ID Type in the Name ID group box.

   The relying party uses these values to know how to interpret the value that is passed in the assertion.

   Note: You can click Help for a description of fields, controls, and their respective requirements.

2. Based on the value of the Name ID Type, do one of the following:
   • Complete the Value field if you selected Static or User Attribute for the Name ID type.
   • Complete the Value and the DN specification fields if you selected the DN Attribute for the Name ID type.
3. (Optional - SAML 2.0 only) Select Allow Creation of User Identifier so the asserting party can create a value for the NameID. For this feature to work, the AuthnRequest from the relying party must include an AllowCreate attribute.

   Note: If you select this option, the value of the Name ID Format must be Persistent Identifier.

4. (Optional) Click Add Row in the Assertion Attributes table to specify one or more attributes for inclusion in the assertion. You can optionally encrypt the attribute.

   Click Help for a description of the columns in this table.

5. Click Next to continue with partnership configuration.