[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: AllowCreate in NameIDPolicy element
Hello! I'm trying to understand the AllowCreate attribute of a samlp:NameIDPolicy element. SAMLcore states 'When "false", the requester constrains the identity provider to only issue an assertion to it if an acceptable identifier for the principal has already been established.' On an operational level, does this mean that computed or transient NameIDs cannot be used unless AllowCreate is true? On the policy level, why should an SP care? Thanks for any insight, Alex -- Alex Stuart Team Leader - Federated Access Management EDINA, University of Edinburgh The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]