https://trustmark.nief.org/tpat/tds/icam-saml-idp-attributes/1.0/SAML IDP Requirements - Attributes1.0The attribute requirements for achieving basic SAML interoperability when implementing an Identity Provider.2021-06-25T00:00:00.000Zhttps://nief.org/NIEFPRIMARYNIEF Supporthelp@nief.orghttps://nief.org/This artifact is published by the National Identity Exchange Federation (NIEF). This artifact and the information contained herein is provided on an "AS IS" basis, and NIEF disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, NIEF disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.NIEFFederated ICAMSecurity Assertion Markup LanguageSAMLIdentity ProviderIDPAttributeAttributeFederated Identity, Credential, and Access ManagementFederated ICAMIdentity ProviderIDPIdPNational Identity Exchange FederationNIEFSecurity Assertion Markup LanguageSAMLNIEFNIEF Technical Guidance1Valid Attribute StatementEvery SAML Assertion generated by the system MUST include an AttributeStatement that includes no Encrypted Attributes and only the Attributes requested by the Relying Party.2Valid Attribute NameFormatEvery SAML attribute generated by the system MUST be set to use the SAML Attribute NameFormat urn:oasis:names:tc:SAML:2.0:attrname-format:uri.3Valid Attribute ValuesThe system MUST encode all SAML attribute values as XML strings.1Valid Attribute StatementDoes the system include an appropriate Attribute Statement in SAML Assertions? There must be no Encrypted Attributes.Sample SAML Assertion2Valid Attribute NameFormatAre all SAML Attribute NameFormats specified as urn:oasis:names:tc:SAML:2.0:attrname-format:uri?Sample SAML Attribute Statement3Valid Attribute ValuesAre all SAML Attribute Values encoded as XML Strings? This requires the type to be specified as string or to not be specified as a different type.Sample SAML Attribute Statement