Basic Privilege Profile 1.2 and OIOSAML 3.0

Basic Privilege Profile 1.2 and OIOSAML 3.0

In order to build a BPP claim that meets requirements of the Basic Privilege Profile 1.2 and OIOSAML 3.0, you can use the scripting claim transformation.

  • On the claim transformation list, you need to create a scripting claim transformation:


  • Enter a name and other general settings


  • Enter C# script to build a BPP claim:


  • Save the scripting transformation.
  • Apply this transformation to a connection.
  • Perform a login. If the logged in user has all the claims used in your script which are needed to build the BPP claim, the resulting token will have the "dk:gov:saml:attribute:Privileges_intermediate" claim.

In base64-encoded format:


In plain-text format:


Below is a sample script with some hard-coded claim types and values. You can customize it to fit your specific setup as needed.