SAML Service Provider Dialog--Name IDs Tab

Federation › Federation Security Services Guide › SAML 2.0 Service Provider Reference › SAML Service Provider Dialog--Name IDs Tab

SAML Service Provider Dialog--Name IDs Tab

The Name IDs tab is where you configure the Name Identifier, which names a user in a unique way in the assertion. The format of the Name Identifier establishes the type of content used for the ID. For example, the format might be the User DN, in which case the content might be a uid.

The Name IDs tab contains the following fields:

Name ID Format

Specifies the Name Identifier format. Pick one of the following:

Unspecified
EmailAddress
X.509 Subject Name
Windows Domain Qualified Name
Entity Identifier
Persistent Identifier
Transient Identifier

For a description of each format, see Section 8.3 of the Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0 specification (sstc-saml-core-2.0-cd-04.pdf).

Name ID Type Group Box

The Name ID group box contains radio buttons that specify the Name Identifier type. The choices are as follows:

Static radio button: Indicates that the Name Identifier is specified by the value in the Static Value field. Activates the Static Value field; disables other controls.
User Attribute radio button: Indicates that the Name Identifier resides in the user attribute specified in the Attribute Name field. Activates the Attribute Name field; disables other controls.
DN Attribute radio button: Indicates that the Name Identifier will be specified by an attribute associated with a DN. Activates the User Attribute field, the DN Spec field, and the Allow Nested Groups check box; disables the Static Value field.
Allow Nested Groups check box: Indicates that nested groups are allowed when selecting the DN. Enabled if the DN Attribute Radio Button is selected.

Name ID Fields Group Box

Contains fields that specify information about the selected Name Identifier. The fields in this group box are context-sensitive, being determined according to the Name ID Type selection.

Static Value field

Specifies the static text value that will be used for all name identifiers for this Service Provider.

User Attribute

Specifies the name of the user attribute which contains the name identifier, or the attribute associated with a group or organizational unit DN.

DN Spec

Specifies the group or organizational unit DN to be used for obtaining the associated attribute to be used as the name identifier.

Lookup button: Opens the SiteMinder User Lookup dialog to locate the user group and select a DN to populate the DN Spec field.

Other Controls

SAML Affiliation: Specifies a SAML Affiliation for the Service Provider to join. Select from any configured SAML Affiliation object. If an Affiliation is selected, the other controls on the tab are grayed out (the Affiliation settings will be used instead).

More Information

Specify Name Identifiers for SAML 2.0 Assertions

Email CA Technologies about this topic