Defining an attribute contract for SP STS - PingFederate - 11.0

PingFederate Server

bundle
pingfederate-110
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 11.0
category
Product
pf-110
pingfederate
ContentType_ce

An attribute contract is the set of user attributes expected in incoming SAML assertions. For more information, see Attribute contracts.

On the Attribute Contract tab, identify the user attributes.

Optionally, you can mask the values of attributes, other than SAML_SUBJECT, in logs that PingFederate writes when it receives security tokens.

Note:

Use the Edit, Update, and Cancel workflows to make or undo a change to an item. Use the Delete and Undelete workflows to remove an item or cancel the removal request.

  1. Go to Authentication > Integration > IdP Connections.
  2. On the WS-Trust STS tab, click Configure WS-Trust STS.
  3. On the Token Generation tab, click Configure Token Generation.
    The Token Generation configuration window opens.
  4. Click the Attribute Contract tab.
  5. Enter the name in the Extend the Contract field.
    Note:

    Attribute names are case-sensitive and must correspond to the attribute names expected by the requester.

  6. Optional: Select the Mask Values in Log check box .
  7. Click Add.
  8. Repeat until all applicable attributes are defined.
  9. Click Next.