

Specify a Name ID for a SAML 2.0 Assertion

A name ID uniquely identifies a user in an assertion. The name ID is added to the assertion sent to the Service Provider.

The format of the name ID establishes the type of content that is used for the ID. For example, the format can be the User DN, in which case the content would be a uid.

You can encrypt a Name ID. However, for single sign-on with the artifact binding, encrypting a NameID with other data in an assertion increases the size of the assertion.

Note: The NameID is required in an assertion.

To configure a name ID

  1. Begin at the Name IDs step in the configuration wizard.
  2. Select the Name ID Format.

    For a description of each format, see the OASIS Security Assertion Markup Language (SAML) V2.0 specification.

  3. Select the Name ID Type from the following options:

    The contents of the Name ID Fields section change according to the Name ID Type selected.

  4. Complete the fields for the selected Name ID Type.

Note: If you configure Name IDs, do not select an affiliation in the SAML Affiliation field. Name IDs and affiliations are mutually exclusive.
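The following added example (not part of the product documentation) shows a check a Service Provider can run on a received assertion: confirm that the Subject carries a NameID in the expected format, or an EncryptedID when encryption is configured. The function name `inspect_name_id`, the sample assertions, the issuer URL and the user value are constructed for illustration; the Format URIs are taken from the SAML 2.0 specification.

```python
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"saml": SAML_NS}
EMAIL = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"


def sample(subject_body):
    """Build a constructed, unsigned assertion around the given Subject content."""
    return (
        f'<saml:Assertion xmlns:saml="{SAML_NS}" Version="2.0" ID="_a1" '
        'IssueInstant="2024-01-01T00:00:00Z">'
        "<saml:Issuer>https://idp.example.com</saml:Issuer>"
        f"<saml:Subject>{subject_body}</saml:Subject></saml:Assertion>"
    )


# Constructed sample inputs (hypothetical issuer and user; EncryptedData is an empty placeholder).
PLAIN = sample(f'<saml:NameID Format="{EMAIL}">user1@example.com</saml:NameID>')
ENCRYPTED = sample(
    "<saml:EncryptedID><xenc:EncryptedData "
    'xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/></saml:EncryptedID>'
)
MISSING = sample('<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/>')


def inspect_name_id(assertion_xml, expected_format=None):
    """Return (kind, format, value) for the subject identifier of an assertion.

    Assumes the signature was already validated by the SAML stack, and that
    untrusted XML is parsed with a hardened parser in production.
    """
    subject = ET.fromstring(assertion_xml).find("saml:Subject", NS)
    if subject is None:
        raise ValueError("assertion has no Subject")
    if subject.find("saml:EncryptedID", NS) is not None:
        # Format and value are visible only after decryption.
        return ("encrypted", None, None)
    name_id = subject.find("saml:NameID", NS)
    if name_id is None or not (name_id.text or "").strip():
        raise ValueError("assertion has no NameID")
    fmt = name_id.get("Format")
    if expected_format is not None and fmt != expected_format:
        raise ValueError(f"unexpected NameID Format: {fmt}")
    return ("plain", fmt, name_id.text.strip())
```
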

More Information:

Encrypt a NameID and an Assertion