...
However, there is no capability at the present time to express the need for one of a choice of attributes, or to indicate optionality. Rather, SPs should enumerate all the attributes their service will make use of, and leave the final decision up to the IdP based on what it supports and is willing to release or delegate to the user to decide. For example, if the SP accepts either "cn" or "displayName", both should be listed.
| Tip | ||
|---|---|---|
| ||
SPs that seek a wide audience of IdPs without explicit contracts or arrangements ahead of time specify the attributes they need in order to facilitate consent-driven user interfaces. |
The administrative interface has input fields for one or more requested attributes. By submitting these fields, the administrator adds the corresponding attributes to metadata.
...