...
Typically, an IdP will use the registered-by-incommon entity attribute (if it uses it all) to constrain its attribute release policy. A number of sample policy rules are illustrated in the subsections below.
| Note |
|---|
| title | Do not filter SP metadata! |
|---|
|
| An interoperable IdP consumes all the SP metadata in the world, no exceptions. Consequently, an IdP does not filter metadata. Instead an interoperable IdP implements a rational set of attribute release rules, subject to local policy. |
| Anchor |
|---|
| default-attribute-release |
|---|
| default-attribute-release |
|---|
|
...