Include an Attribute in the Assertion

You can add attributes from the user store record to a SAML assertion to further identify a user. The attribute must exist in the Identity Provider’s user store for the specific user who is requesting access to the target resource.

For this deployment, an attribute will be added for Tuser1.

To add the firstname attribute

  1. Log in to the Policy Server User Interface.
  2. Select the Attributes tab from the SAML Service Provider Properties dialog.
  3. Click Create.

    The SAML Service Provider Attribute dialog opens.

  4. Complete the following fields:
    Attribute: unspecified (default)

    Attribute Kind: User Attribute

    Variable Name: firstname

    Attribute Name: givenname

    givenname is an attribute in Tuser1’s profile.

  5. Click OK to save your changes and return to the Attributes tab.
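
To confirm at the Service Provider that the attribute configured above arrives as expected, the following added example (not part of the product or its documentation) parses an assertion and checks the firstname attribute. It assumes the Variable Name is what appears as the attribute's Name in the assertion and that "unspecified" maps to the SAML 2.0 unspecified NameFormat URI; the sample assertion, issuer and value are constructed.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"

# Constructed sample: what an assertion for Tuser1 could carry. Issuer and value are made up.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">
  <saml:Issuer>idp.example.com</saml:Issuer>
  <saml:Subject><saml:NameID>Tuser1</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="firstname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
      <saml:AttributeValue>Test</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""


def read_attributes(assertion_xml):
    """Return {name: (name_format, [values])} for every Attribute found."""
    # Structure check only: signature and condition validation are assumed
    # to have been done before the attributes are trusted.
    root = ET.fromstring(assertion_xml)
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        # SAML 2.0 core: an absent NameFormat means "unspecified".
        fmt = attr.get("NameFormat", UNSPECIFIED)
        values = [(v.text or "").strip() for v in attr.iterfind("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name"), (fmt, []))[1].extend(values)
    return attrs


def check_attribute(assertion_xml, name, expected_format=UNSPECIFIED):
    """Return a list of problems; an empty list means the attribute is present and usable."""
    attrs = read_attributes(assertion_xml)
    if name not in attrs:
        return [f"attribute {name!r} missing"]
    fmt, values = attrs[name]
    problems = []
    if fmt != expected_format:
        problems.append(f"unexpected NameFormat {fmt!r}")
    if not any(values):
        problems.append("no value: is the user-store attribute populated for this user?")
    return problems


if __name__ == "__main__":
    print(check_attribute(SAMPLE_ASSERTION, "firstname") or "firstname OK")
```

A missing or empty value usually points back to the requirement stated at the top of this topic: the user-store attribute must exist for the specific user requesting access.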