Is it possible to send attributes in a SAML authentication request?
<samlp:AuthnRequest
    xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'
    xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'
    ID='aaf23196-1773-2113-474a-fe114412ab72'
    Version='2.0'
    IssueInstant='2004-12-05T09:21:59Z'
    AssertionConsumerServiceIndex='0'
    AttributeConsumingServiceIndex='0'>
  <saml:Issuer>https://sp.example.com/SAML2</saml:Issuer>
  <samlp:NameIDPolicy
      AllowCreate='true'
      Format='urn:oasis:names:tc:SAML:2.0:nameid-format:transient'/>
</samlp:AuthnRequest>
Technically, yes, it is possible, since AuthnRequest can contain an Extensions element, which can contain anything – see the SAML ‘core’ spec: AuthnRequest (section 3.4.1) is derived from RequestAbstractType (section 3.2.1) which has an optional Extensions. The sender and recipient would have to agree on the syntax and semantics of data sent this way.
I can’t see a more ‘conventional’ way to do this, since Attributes are usually in Assertions, rather than AuthnRequests.
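The Extensions approach from the answer above, as an added example that is not part of the original answer: the SP places its data in samlp:Extensions, and the IdP reads back only the elements both sides agreed on. The namespace urn:example:sp:authn-hints, the hint names tenant and locale, and the request ID are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
EXT = "urn:example:sp:authn-hints"    # hypothetical namespace agreed by SP and IdP
ALLOWED_HINTS = {"tenant", "locale"}  # hypothetical element names the IdP accepts

for prefix, uri in (("samlp", SAMLP), ("saml", SAML), ("ext", EXT)):
    ET.register_namespace(prefix, uri)


def build_authn_request(request_id, issue_instant, issuer, hints):
    """SP side: build an AuthnRequest carrying hints inside samlp:Extensions."""
    req = ET.Element(f"{{{SAMLP}}}AuthnRequest",
                     {"ID": request_id, "Version": "2.0", "IssueInstant": issue_instant})
    ET.SubElement(req, f"{{{SAML}}}Issuer").text = issuer
    # Schema order: Issuer, (Signature), Extensions, then NameIDPolicy etc.
    ext = ET.SubElement(req, f"{{{SAMLP}}}Extensions")
    for name, value in hints.items():
        # Extension children must be qualified in a non-SAML namespace.
        ET.SubElement(ext, f"{{{EXT}}}{name}").text = value
    ET.SubElement(req, f"{{{SAMLP}}}NameIDPolicy", {
        "AllowCreate": "true",
        "Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"})
    return ET.tostring(req, encoding="unicode")


def read_extension_hints(xml_text):
    """IdP side: return only allowlisted hints from the agreed namespace."""
    # Production code should parse with a hardened XML parser and treat these
    # values as untrusted input unless the request signature was verified.
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{SAMLP}}}AuthnRequest":
        raise ValueError("not a SAML 2.0 AuthnRequest")
    ext = root.find(f"{{{SAMLP}}}Extensions")
    hints = {}
    for child in (ext if ext is not None else []):
        ns, _, local = child.tag[1:].partition("}") if child.tag.startswith("{") else ("", "", child.tag)
        if ns == EXT and local in ALLOWED_HINTS and local not in hints:
            hints[local] = (child.text or "").strip()
    return hints


if __name__ == "__main__":
    xml = build_authn_request("_constructed-id-1", "2004-12-05T09:21:59Z",
                              "https://sp.example.com/SAML2",
                              {"tenant": "acme", "role": "admin"})
    print(read_extension_hints(xml))  # "role" is not allowlisted and is dropped
```
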