OIOSAML 3.0 Attribute Profiles

This topic shows you how to set up Safewhere Identify to issue attribute profiles for natural person and professional. The requesting identity type can be sent to Safewhere Identify via the AuthnRequest's AuthnContextRefClass element and its value can be "https://data.gov.dk/eid/Person" or "https://data.gov.dk/eid/Professional". Based on the identity type, you can set up Identify to issue necessary claims that each profile mandates.

In most cases, user's claims can come from an upstream Identity Provider, fetch from an external user store using an external claims transformation or an interceptor, or stored in Identify's user database as a user claims. For the static or computed claims, you can use the Scripting or External claim transformation to issue them. Below are some examples for how to issue those claims using the Scripting claim transformation.

• SpecVer attribute:

  Issue("https://data.gov.dk//model/core/specVersion", "OIO-SAML-3.0");
  

• BootstrapContext attribute:

  IssueBootstrapToken("https://data.gov.dk/model/core/eid/bootstrapToken");
  

• Level of Assurance attribute:

  string loa = GetLevelOfAssurance();
  Issue("https://data.gov.dk/concept/core/loa", loa);
  

See more

• Basic privilege profile attribute.