Hello, I am attempting to set up a SAML assertion for an endpoint, and have not been successful in getting the settings correct after several tries. The vendor I am working with gave me example SAML assertion data that has worked for their other clients, which
I will post below. I am hoping that someone can decipher it for me and help me determine which attributes to send, and/or which transform rules I need to apply, to get the same output.
<!-- Subject: names the user this assertion is about and states how the receiver confirms the presenter. -->
<saml2:Subject>
<!-- NameID Format is declared as emailAddress, but the sample value "pkondar" is not an address; the "mail" attribute in this same sample carries pkondar@client.com. NOTE(review): confirm with the vendor which of the two values they match the account on. -->
<saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">pkondar</saml2:NameID>
<!-- Bearer confirmation: the assertion is honoured for whoever presents it, so Recipient and NotOnOrAfter on the next element are the limits on where and until when it may be presented. -->
<saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<!-- Recipient is the URL the response is delivered to (presumably the vendor's assertion consumer endpoint). No InResponseTo is present, which presumably means an unsolicited (IdP-initiated) response. TODO confirm both with the vendor. -->
<saml2:SubjectConfirmationData NotOnOrAfter="2017-09-21T12:22:50Z" Recipient="https://endpoint.example.com/accounts/login/receive-id" />
</saml2:SubjectConfirmation>
</saml2:Subject>
<!-- Conditions: validity window of the assertion. In this sample NotBefore is 3 minutes before, and NotOnOrAfter 10 minutes after, the AuthnInstant of 12:12:50Z given in the AuthnStatement. The timestamps are presumably generated by the IdP at each login rather than configured literally. -->
<saml2:Conditions NotBefore="2017-09-21T12:09:50Z" NotOnOrAfter="2017-09-21T12:22:50Z">
<!-- AudienceRestriction: the assertion is intended only for the named audience. The sample value is a bare host-style string with no scheme, and the identifier the IdP issues for this relying party has to equal the vendor's expected value exactly. NOTE(review): obtain the real value from the vendor. -->
<saml2:AudienceRestriction>
<saml2:Audience>client.endpoint.example.com</saml2:Audience>
</saml2:AudienceRestriction>
</saml2:Conditions>
<!-- AuthnStatement: records when (AuthnInstant) and how (AuthnContextClassRef) the user authenticated at the IdP. SessionIndex is the IdP's identifier for that login session. -->
<saml2:AuthnStatement AuthnInstant="2017-09-21T12:12:50Z" SessionIndex="_9506bec9f979d168465b9defc3febc1b4fcd08">
<saml2:AuthnContext>
<!-- PasswordProtectedTransport: password authentication over a protected channel. NOTE(review): the post does not say whether the vendor requires this exact class; confirm before relying on it. -->
<saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
</saml2:AuthnContext>
</saml2:AuthnStatement>
<!-- AttributeStatement: the additional claims sent with the assertion. This sample sends exactly two attributes, "mail" and "NameID", both with NameFormat "unspecified". XML names and values are case-sensitive, so the names must be emitted exactly as written here. -->
<saml2:AttributeStatement>
<!-- mail: the user's full e-mail address. -->
<saml2:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<saml2:AttributeValue>pkondar@client.com</saml2:AttributeValue>
</saml2:Attribute>
<!-- NameID (as an attribute): carries the same short value, "pkondar", as the Subject NameID element in this sample. -->
<saml2:Attribute Name="NameID" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<saml2:AttributeValue>pkondar</saml2:AttributeValue>
</saml2:Attribute>
</saml2:AttributeStatement>
</saml2:Assertion>