SAML 2.0 Requirements for Service Providers - Response and Assertion

The following tables outline the supported SAML 2.0 elements required for service providers using Cloud Access Service (CAS) as an IdP to manage authentication. Provide this information to your application administrators.

Response

| <AuthRequest> Attribute or Element | Status and Supported Values |
| --- | --- |
| ID | Provided |
| InResponseTo | Provided |
| Version | Provided. Value: 2.0 |
| IssueInstant | Provided |
| Destination | Provided |
| Consent | Not provided |
| <saml:Issuer> | Provided |
| NameQualifier | Not provided |
| SPNameQualifier | Not provided |
| Format | Provided. Value: urn:oasis:names:tc:SAML:2.0:nameid-format:entity |
| SPProvidedID | Not provided |
| <ds:Signature> | Not provided |
| <samlp:Extensions> | Not provided |
| <samlp:Status> | Provided |
| <samlp:StatusCode> | Provided |
| Value | Provided |
| <samlp:StatusMessage> | May be provided |
| <samlp:StatusDetail> | May be provided |
| <saml:Assertion> | May be provided. Value: See Assertion table. |

Assertion

| <Assertion> Attribute or Element | Status and Supported Values |
| --- | --- |
| ID | Provided |
| Version | Provided. Value: 2.0 |
| IssueInstant | Provided |
| <saml:Issuer> | Provided |
| NameQualifier | Not provided |
| SPNameQualifier | Not provided |
| Format | Provided. Value: urn:oasis:names:tc:SAML:2.0:nameid-format:entity |
| SPProvidedID | Not provided |
| <ds:Signature> | Provided |
| <saml:Subject> | Provided |
| <saml:NameID> | Provided |
| NameQualifier | Not provided |
| SPNameQualifier | Not provided |
| Format | Provided. Values: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified, urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress |
| SPProvidedID | Not provided |
| <saml:SubjectConfirmation> | Provided |
| Method | Provided. Value: urn:oasis:names:tc:SAML:2.0:cm:bearer |
| <saml:NameID> | Not provided |
| <SubjectConfirmationData> | Provided |
| NotBefore | Not provided |
| NotOnOrAfter | Provided |
| Recipient | Provided |
| InResponseTo | Provided |
| Address | Not provided |
| <saml:Conditions> | Provided |
| NotBefore | Provided |
| NotOnOrAfter | Provided |
| <saml:AudienceRestriction> | Provided |
| <saml:Audience> | Provided |
| <saml:Advice> | Not provided |
| <saml:AuthnStatement> | Provided |
| AuthnInstant | Provided |
| SessionIndex | Not provided |
| SessionNotOnOrAfter | Not provided |
| <saml:SubjectLocality> | Not provided |
| <saml:AuthnContext> | Provided |
| <saml:AuthnContextClassRef> | Provided. Values: urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified, urn:rsa:names:tc:SAML:2.0:ac:classes:spec:<primary_auth>:<policy_name> |
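The tables show that the Response carries no <ds:Signature> while the Assertion does, so a service provider should take every security decision from the signed assertion. The following sketch is an added example, not code from this documentation or from CAS. It checks a parsed assertion against the elements the Assertion table lists as provided. The function name, its parameters, and the example.* URLs are assumptions, and cryptographic signature verification is assumed to have been done first by a vetted SAML library.

```python
import xml.etree.ElementTree as ET
from datetime import datetime
NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"
# Constructed sample (example.* names are placeholders); <ds:Signature/> is an empty stand-in.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
 xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_a1" Version="2.0"
 IssueInstant="2024-01-01T12:00:00Z"><saml:Issuer>https://idp.example</saml:Issuer>
<ds:Signature/><saml:Subject><saml:NameID>user@example.com</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml:SubjectConfirmationData NotOnOrAfter="2024-01-01T12:05:00Z"
 Recipient="https://sp.example/acs" InResponseTo="_req1"/>
</saml:SubjectConfirmation></saml:Subject>
<saml:Conditions NotBefore="2024-01-01T11:59:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
<saml:AudienceRestriction><saml:Audience>https://sp.example</saml:Audience>
</saml:AudienceRestriction></saml:Conditions></saml:Assertion>"""

def _ts(value):  # SAML instants are UTC xs:dateTime, e.g. 2024-01-01T12:00:00Z
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def profile_errors(xml_text, sp_entity_id, acs_url, request_id, now):
    """Added example helper: list profile violations (empty list = pass)."""
    a, errs = ET.fromstring(xml_text), []
    if a.get("Version") != "2.0":
        errs.append("Version")
    if a.find("ds:Signature", NS) is None:  # direct child only; Response is unsigned
        errs.append("Signature missing")
    sc = a.find("saml:Subject/saml:SubjectConfirmation", NS)
    scd = sc.find("saml:SubjectConfirmationData", NS) if sc is not None else None
    if scd is None or sc.get("Method") != BEARER:
        errs.append("SubjectConfirmation")
    else:
        if scd.get("Recipient") != acs_url:  # must be this SP's ACS URL
            errs.append("Recipient")
        if scd.get("InResponseTo") != request_id:  # ties assertion to our request
            errs.append("InResponseTo")
        if not scd.get("NotOnOrAfter") or now >= _ts(scd.get("NotOnOrAfter")):
            errs.append("SubjectConfirmationData.NotOnOrAfter")
    c = a.find("saml:Conditions", NS)
    if c is None or not (c.get("NotBefore") and c.get("NotOnOrAfter")):
        errs.append("Conditions")
    elif not _ts(c.get("NotBefore")) <= now < _ts(c.get("NotOnOrAfter")):
        errs.append("Conditions window")
    audiences = [(e.text or "").strip() for e in a.findall(
        "saml:Conditions/saml:AudienceRestriction/saml:Audience", NS)]
    if sp_entity_id not in audiences:
        errs.append("Audience")
    return errs
```

Pass a timezone-aware `now`. The standard-library parser is used here only to keep the example self-contained; a production service provider would parse untrusted XML with a hardened parser inside its SAML library.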

For more information, see the following topics: