Forums, Documentation & Knowledge Base - ComponentSpace

SAML Assertions, Subjects and Attributes


https://componentspace.com/forums/Topic34.aspx

By ComponentSpace - 2/20/2014

The following is an example SAML assertion including a SAML subject and a number of SAML attributes.
The SAML subject identifies the user whose identity is being asserted by the identity provider.
The SAML attributes include additional information provided by the identity provider.

<saml:Assertion Version="2.0" ID="_db28e69a-f5cf-440d-b5b2-bf789b5b750f" IssueInstant="2014-02-22T01:17:27.948Z" 
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Issuer>urn:componentspace:ExampleIdentityProvider</saml:Issuer>
  <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">idp-user</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
          <saml:SubjectConfirmationData NotOnOrAfter="2014-02-22T01:20:27.956Z"  
              Recipient="
http://localhost/ExampleServiceProvider/SAML/AssertionConsumerService.aspx"/>
      </saml:SubjectConfirmation>
  </saml:Subject>
  <saml:Conditions NotBefore="2014-02-22T01:14:27.95Z" NotOnOrAfter="2014-02-22T01:20:27.95Z">
      <saml:AudienceRestriction>
          <saml:Audience>urn:componentspace:ExampleServiceProvider</saml:Audience>
      </saml:AudienceRestriction>
  </saml:Conditions>
  <saml:AuthnStatement AuthnInstant="2014-02-22T01:17:27.958Z" 
                       SessionIndex="_db28e69a-f5cf-440d-b5b2-bf789b5b750f">
      <saml:AuthnContext>             
         <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef>
      </saml:AuthnContext>
  </saml:AuthnStatement>
  <saml:AttributeStatement>
    <saml:Attribute Name="membership-level">
      <saml:AttributeValue xsi:type="xs:string" xmlns:xs="
http://www.w3.org/2001/XMLSchema
          xmlns:xsi="
http://www.w3.org/2001/XMLSchema-instance">platinum</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="membership-number">
      <saml:AttributeValue xsi:type="xs:string" xmlns:xs="
http://www.w3.org/2001/XMLSchema
          xmlns:xsi="
http://www.w3.org/2001/XMLSchema-instance">12345678</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>

By ComponentSpace - 11/30/2018

You're welcome!