WAS v8.5 > Deploy applications > Deploy web services - Security (WS-Security) > Deploy applications that use SAML > Create SAML attributes in SAML tokens

SAML user attributes

A SAML assertion can contain user attributes relating to the principal of the SAML token. A SAML assertion can contain multiple user attributes.

We can include user attributes in the token to communicate the address of the person who is the SAML assertion principal. This example shows a SAML assertion containing a user attribute:

<saml:AttributeStatement>   <saml:Attribute  xmlns:x500=
      "urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"
    NameFormat=
      "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
    Name="urn:oid:2.5.4.20"
    FriendlyName="Address">           <saml:AttributeValue xsi:type="xs:string">                       11111 Parker Lane, Austin, Texas, 78758
          </saml:AttributeValue>   </saml:Attribute> </saml:AttributeStatement>

This table describes the parameters used in the assertion:

Parameter Description
NameFormat How the attribute is interpreted.
Name Indicates the formal name of the attribute.
FriendlyName Provides a user-friendly name for an attribute when the Name parameter is cryptic.
AttributeValue The value of the user attribute. The value can be a string, or a complex XML type.


+

Search Tips   |   Advanced Search