Can I provide a username to use in a SAML request? (AD FS)

When starting a SAML authentication request (from a service provider), is there a way to provide the identity provider with a hint about which username to use? In my application, I know which user wants to authenticate (based on the unique link that the user clicked in the email), and I would like this username to be populated in the IdP username field.

Using SAML 2.0 with Active Directory Federation Services (AD FS) 2.1.

+6
1 answer

Yes, you can use the optional <saml:Subject> field in an AuthnRequest message sent from the SP to the IdP to request a specific object from the IdP. See Section 3.4.1 in the SAML2 specification.

I have no idea if ADFS supports this field.

+3
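An AuthnRequest carrying the optional <saml:Subject> element, built and encoded for the HTTP-Redirect binding. This is an added example, not code from the original question or answer; the function names, the example.test URLs and the unspecified NameID format are assumptions, and it does not show whether AD FS honors the element.

```python
import base64
import datetime
import uuid
import xml.etree.ElementTree as ET
import zlib

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
ET.register_namespace("samlp", SAMLP)
ET.register_namespace("saml", SAML)


def build_authn_request(sp_entity_id, acs_url, idp_sso_url, username):
    """Return an AuthnRequest (XML string) that names the requested subject."""
    now = datetime.datetime.now(datetime.timezone.utc)
    req = ET.Element(f"{{{SAMLP}}}AuthnRequest", {
        "ID": "_" + uuid.uuid4().hex,
        "Version": "2.0",
        "IssueInstant": now.strftime("%Y-%m-%dT%H:%M:%SZ"),
        "Destination": idp_sso_url,
        "AssertionConsumerServiceURL": acs_url,
    })
    # Schema order matters: Issuer comes before Subject.
    ET.SubElement(req, f"{{{SAML}}}Issuer").text = sp_entity_id
    subject = ET.SubElement(req, f"{{{SAML}}}Subject")
    name_id = ET.SubElement(subject, f"{{{SAML}}}NameID", {
        "Format": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
    })
    # The username comes from an e-mailed link, so it is set as element text:
    # the serializer escapes any markup instead of letting it alter the request.
    name_id.text = username
    return ET.tostring(req, encoding="unicode")


def encode_for_redirect(xml):
    """HTTP-Redirect binding: raw DEFLATE, then base64 (URL-encode afterwards)."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    return base64.b64encode(comp.compress(xml.encode()) + comp.flush()).decode()


def requested_subject(saml_request_b64):
    """Decode a SAMLRequest value and return the NameID it asks for, or None."""
    xml = zlib.decompress(base64.b64decode(saml_request_b64), -15)
    node = ET.fromstring(xml).find(f"{{{SAML}}}Subject/{{{SAML}}}NameID")
    return None if node is None else node.text
```

The SP should still compare the NameID in the returned assertion with the value it requested, since the hint only asks for a subject and does not authenticate anyone.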

Source: https://habr.com/ru/post/958402/