Basic Privilege Profile 1.2 and OIOSAML 3.0

Basic Privilege Profile 1.2 and OIOSAML 3.0

In order to build a BPP claim that meets requirements of the Basic Privilege Profile 1.2 and OIOSAML 3.0, you can use the scripting claim transformation.

  • On the claim transformation list, you need to create a scripting claim transformation:

scripting-oiosaml-BPP

  • Enter a name and other general settings

scripting-oiosaml-BPP-general

  • Enter C# script to build a BPP claim:

scripting-oiosaml-BPP-settings

  • Save the scripting transformation.
  • Apply this transformation to a connection.
  • Perform a login. If the logged in user has all the claims used in your script which are needed to build the BPP claim, the resulting token will have the "dk:gov:saml:attribute:Privileges_intermediate" claim.

In base64-encoded format:

scripting-oiosaml-BPP-result-base64

In plain-text format:

scripting-oiosaml-BPP-result-xml

Below is a sample script with some hard-coded claim types and values. You can customize it to fit your specific setup as needed.