Additional single sign-on attributes

16th December 2015

We support passing some additional attributes in a SAML Assertion.

When your identity provider sends its response to us (the service provider) in response to our request to authenticate a user, it will need to send their email address. This is the unique identifier - the nameID - that will identity them within the platform.

If there is no user with that email address already configured within the platform (which will be the case the first time they sign in, unless you have previously created an account for them) the system will attempt to set up a profile for them.

If the platform has only been provided with their email address, it will give them a default name and also a default role (our ‘Basic’ one).

However you can pass their first name, their last name and/or a role id in the SAML assertion, if your identity provider supports doing so. If these attributes are passed, the system will use them when configuring that user.

You can set the following user attributes:

Attribute Description
firstName The user’s first name
lastName The user’s last name
roleId The id of the user’s role

These attributes can be passed in a SAML assertion:

<saml:AttributeStatement> <saml:Attribute Name=“firstName”> <saml:AttributeValue xmlns:xs=“http://www.w3.org/2001/XMLSchema" xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance" xsi:type=“xs:string”>John</saml:AttributeValue> </saml:Attribute> <saml:Attribute Name=“lastName”> <saml:AttributeValue xmlns:xs=“http://www.w3.org/2001/XMLSchema" xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance" xsi:type=“xs:string”>Smith</saml:AttributeValue> </saml:Attribute> <saml:Attribute Name=“roleId”> <saml:AttributeValue xmlns:xs=“http://www.w3.org/2001/XMLSchema" xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance" xsi:type=“xs:string”>abcdefgh</saml:AttributeValue> </saml:Attribute> </saml:AttributeStatement>

If you have any other questions about single sign-on (SSO) with SAML, or private video hosting, please contact us: support@vidbeo.com.

Return to the Vidbeo homepage?