Resolve "Centraleyes Onboarding"
2 unresolved threads
2 unresolved threads
Closes #465 (closed)
Merge request reports
Activity
assigned to @aljavonboles
36131 entityID="urn:amazon:cognito:sp:us-east-1_kqYWxmXjz"> 36132 <Extensions> 36133 <mdrpi:RegistrationInfo registrationAuthority="https://nebraska.edu/nefed" /> 36134 <mdattr:EntityAttributes> 36135 <saml:Attribute Name="http://macedir.org/entity-category" 36136 NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> 36137 <saml:AttributeValue>https://nebraska.edu/category/registered-by-nefed</saml:AttributeValue> 36138 </saml:Attribute> 36139 </mdattr:EntityAttributes> 36140 <mdui:UIInfo> 36141 <mdui:DisplayName xml:lang="en">Centraleyes</mdui:DisplayName> 36142 <mdui:Description xml:lang="en">Centraleyes</mdui:Description> 36143 <mdui:InformationURL xml:lang="en">https://www.centraleyes.com/about-us/</mdui:InformationURL> 36144 <mdui:PrivacyStatementURL xml:lang="en"> 36145 https://www.proofpoint.com/us/legal/privacy-policy</mdui:PrivacyStatementURL> 36146 <mdui:Logo height="85" width="141" xml:lang="en"> changed this line in version 2 of the diff
36137 <saml:AttributeValue>https://nebraska.edu/category/registered-by-nefed</saml:AttributeValue> 36138 </saml:Attribute> 36139 </mdattr:EntityAttributes> 36140 <mdui:UIInfo> 36141 <mdui:DisplayName xml:lang="en">Centraleyes</mdui:DisplayName> 36142 <mdui:Description xml:lang="en">Centraleyes</mdui:Description> 36143 <mdui:InformationURL xml:lang="en">https://www.centraleyes.com/about-us/</mdui:InformationURL> 36144 <mdui:PrivacyStatementURL xml:lang="en"> 36145 https://www.proofpoint.com/us/legal/privacy-policy</mdui:PrivacyStatementURL> 36146 <mdui:Logo height="85" width="141" xml:lang="en"> 36147 </mdui:Logo> 36148 </mdui:UIInfo> 36149 </Extensions> 36150 <SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" 36151 protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> 36152 <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat> -
Nowadays I would always recommend using the email address nameID because unspecified is ignored by Shib which causes it to send "transient" nameID instead, which no service will ever use. Email is a nice compromise if we don't know exactly what the service provider needs.
<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> changed this line in version 2 of the diff
mentioned in commit 27da9d0b
Please register or sign in to reply