Message Image

Skip main navigation (Press Enter).

Symantec Access Management

Back to discussions

Expand all | Collapse all

SAML assertion - max no of attributes

ashokpearlJun 03, 2015 12:13 AM

For one of the federation application we need to send nearly 25 attributes in SAML assertion, I am just ...

Saravanan RamalingamJun 05, 2015 01:20 PM

SAML 2.0 OASIS specification doesnt say (or restrict) the number of attributes in the assertions. Practically ...

Brett CarrollJun 10, 2015 02:17 PM

If all 25 attributes are not required for every authentication, it might make more sense to utilize ...

1. SAML assertion - max no of attributes

0 Recommend
ashokpearl
Posted Jun 03, 2015 12:13 AM

Reply Reply Privately
For one of the federation application we need to send nearly 25 attributes in SAML assertion, I am just wondering, is there any industry standard which defines the maximum no of attributes to be passed through SAML response. I meant to say limits..such as 50 or 100 attributes max.
2. Re: SAML assertion - max no of attributes

0 Recommend
Broadcom Employee

Saravanan Ramalingam
Posted Jun 05, 2015 01:20 PM

Reply Reply Privately
SAML 2.0 OASIS specification doesnt say (or restrict) the number of attributes in the assertions. Practically if there are many attributes then the assertion size will be huge and it may have issues if you are using HTTP-Redicrect binding.
3. Re: SAML assertion - max no of attributes

0 Recommend
Brett Carroll
Posted Jun 10, 2015 02:17 PM

Reply Reply Privately
If all 25 attributes are not required for every authentication, it might make more sense to utilize a SAML Attribute Service. This way the relying party can generate a SAML Attribute Service request to get the additional user information from the Identity Provider.

Copyright 2023. All rights reserved.

Powered by Higher Logic