---
title: Non-transient SAML v2.0 NameID format
description: By default, AM as an IdP uses the NameID format urn:oasis:names:tc:SAML:2.0:nameid-format:transient. Learn more in the AM documentation on Hosted identity provider configuration properties.
component: pinggateway
version: 2026
page_id: pinggateway:gateway-guide:federation-non-transient-name
canonical_url: https://docs.pingidentity.com/pinggateway/2026/gateway-guide/federation-non-transient-name.html
revdate: 2026-01-20T12:00:00Z
---

# Non-transient SAML v2.0 NameID format

By default, AM as an IdP uses the NameID format `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`. Learn more in the AM documentation on [Hosted identity provider configuration properties](https://docs.pingidentity.com/pingam/8.1/am-saml2/saml2-reference.html#saml2-hosted-idp-configuration).

When the IdP uses another NameID format, configure PingGateway to use that NameID format by editing the Fedlet configuration file `sp-extended.xml`:

* To use the NameID value provided by the IdP, add the following attribute:

  ```xml
  <Attribute name="useNameIDAsSPUserID">
    <Value>true</Value>
  </Attribute>
  ```

* To use an attribute from the assertion, add the following attribute:

  ```xml
  <Attribute name="autofedEnabled">
    <Value>true</Value>
  </Attribute>
  <Attribute name="autofedAttribute">
    <Value>sn</Value>
  </Attribute>
  ```

  This example uses the value in `SN` to identify the subject.

Although PingGateway supports the `persistent` NameID format, PingGateway doesn't store the mapping. To configure this behavior, edit the file `sp-extended.xml`:

* To disable attempts to persist the user mapping, add the following attribute:

  ```xml
  <Attribute name="spDoNotWriteFederationInfo">
    <Value>true</Value>
  </Attribute>
  ```

* To enable attempts to persist the user mapping, add the following attribute:

  ```xml
  <Attribute name="spDoNotWriteFederationInfo">
    <Value>false</Value>
  </Attribute>
  ```

If a sign on request doesn't contain a NameID format query parameter, the value is defined by the presence and content of the NameID format list for the SP and IdP. For example, an SP-initiated login can be constructed with the binding and `NameIDFormat` as a parameter, as follows:

```none
https://fedlet.example.org:7443/fedlet/SPInitiatedSSO?binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST&NameIDFormat=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
```

When the NameID format is provided in a list, it is resolved as follows:

* If both the IdP and SP have a list, the first matching NameID format in the lists.

* If either the IdP or SP list is empty, the first NameID format in the other list.

* If neither the IdP nor SP has a list, AM defaults to `transient` and PingGateway defaults to `persistent`.