- For Service Providers
- Offering users a choice of IdPs that have not been verified to supply necessary attributes is very scalable, but makes it essential to offer a graceful error experience if insufficient data is supplied.
- Failures due to insufficient attribute release are handled by directing users to the IdP's saml-metadata-error-url when available.
- Adequate technical documentation on attribute requirements is available in the SP's metadata (via saml-metadata-requested-attributes and User Interface Elements).
- InCommon provides an error handling service that addresses many common situations. See Error Handling Service for more information.
- For Identity Service Providers
|