diff options
author | ivan <ivan@grnet.gr> | 2017-07-28 17:59:39 +0300 |
---|---|---|
committer | ivan <ivan@grnet.gr> | 2017-07-31 18:50:31 +0300 |
commit | 6a7c7fac081d1b380e75f69ce43299a2ae301225 (patch) | |
tree | bf432a07029f30907b122c6dd11553580fd352ab | |
parent | 5ca4fb0ec9aa3c4ed77717a022b43357df3db252 (diff) | |
download | pysaml2-6a7c7fac081d1b380e75f69ce43299a2ae301225.tar.gz |
Add documentation for requested_attributes configuration option
-rw-r--r-- | doc/howto/config.rst | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/doc/howto/config.rst b/doc/howto/config.rst index 95e9a726..c1691119 100644 --- a/doc/howto/config.rst +++ b/doc/howto/config.rst @@ -511,6 +511,52 @@ Example:: This is relevant only for the eIDAS SAML profile. +requested_attributes +"""""""""""""""""""" + +A list of attributes that the SP requires from an eIDAS-Service (IdP). +Each attribute is an object with the following attributes: + +* friendly_name +* name +* required +* name_format + +Where friendly_name is an attribute name such as *DateOfBirth*, name is the +full attribute name such as +*http://eidas.europa.eu/attributes/naturalperson/DateOfBirth*, required +indicates whether this attributed is required for authentication, and +name_format indicates the name format for that attribute, such as +*urn:oasis:names:tc:SAML:2.0:attrname-format:uri*. + +It is mandatory that at least name or friendly_name is set. +By default attributes are assumed to be required. +Missing attributes are infered based on the attribute maps data. + +Example:: + + "service": { + "sp": { + "requested_attributes": [ + { + "name": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", + }, + { + "friendly_name": "DateOfBirth", + "required": False, + }, + ], + } + } + +.. note:: + This is relevant only for the eIDAS SAML profile. + + This option is different from the required_attributes and + optional_attributes parameters that control the requested + attributes in the metadata of an SP. + + idp """ |