
The <NameIDMgmt> element is used to enable and configure support for Name Identifier Management protocols within the SP. It is rarely used, but replaces the functions of the <md:ManageNameIDService> handler elements from the older (pre-2.4) configuration.

Instead of defining explicit endpoints with low-level binding information, the <NameIDMgmt> element automates the installation of the appropriate handlers based on the protocols selected for activation.

A basic example supporting SAML 2.0:

<NameIDMgmt>SAML2</NameIDMgmt>
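For comparison, the two configuration styles side by side. This is an added illustration, not taken from the original page: the placement inside <Sessions>, the handlerURL value and the /NIM/... locations are assumptions modelled on a typical pre-2.4 shibboleth2.xml, and the md: prefix is assumed to be bound to the SAML 2.0 metadata namespace on the root element.

```xml
<!-- Older (pre-2.4) style: one explicit handler per binding.
     Each Location is relative to handlerURL, so every entry is a
     separately reachable endpoint, e.g. /Shibboleth.sso/NIM/SOAP. -->
<Sessions handlerURL="/Shibboleth.sso">
    <md:ManageNameIDService Location="/NIM/SOAP"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"/>
    <md:ManageNameIDService Location="/NIM/Redirect"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
    <md:ManageNameIDService Location="/NIM/POST"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
    <md:ManageNameIDService Location="/NIM/Artifact"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"/>
</Sessions>

<!-- Service-based style: name the protocol and let the SP install
     the handlers. Leaving the element out installs none of them,
     which is the usual choice when Name Identifier Management is
     not required. -->
<Sessions handlerURL="/Shibboleth.sso">
    <NameIDMgmt>SAML2</NameIDMgmt>
</Sessions>
```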

Element Content

The content of the element is a whitespace-delimited list of "protocol" identifiers. The following are built into the SP:

  • SAML2
    • SAML 2.0 Name Identifier Management profile (front- and back-channel, IdP-initiated only).
    • For more complete information about the exact protocol behavior, see the NativeSPManageNameIDService topic.

Other protocols can be "integrated" with the service-based configuration mechanism by supplying the relevant information via the <ProtocolProvider> plugin interface.
