SAML Attribute Authority and Query Skip to main content
https://support.okta.com/help/answers?id=906f0000000xzljiao&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
MIZANUL CHOWDHURYMIZANUL CHOWDHURY 

SAML Attribute Authority and Query

I was looking for a SAML Authority that can consume SAML Attribute query and returns SAML Attribute assertion without login or SSO flow.  It is good for retaining user data to make authorization decision. SAML is a XML-based open standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. The service provider may request for user attributes by sending an attribute query to the identity provider
ThomasThomas (Okta, Inc.) 
Here is an attribute script you may find helpful:

http://stackoverflow.com/questions/27955765/read-okta-saml-response-attribute-from-nuget-package-or-opensource-class

Plus I suggest that you go to our developer site:

http://developer.okta.com

and join a discussion related to your question.

Tom
 
api-workday api-workdayapi-workday api-workday
Hi Mizanul,

Looking at the use case I can say i've never seen one that supports this, either way it would be a very costly transaction.

It sounds like you are trying to fetch additional information about the user while they are interactivley interfacing with a downstream application?  If that is the case i think leveraging the CORS capability of the users api would be the best thing to do.

http://developer.okta.com/docs/api/getting_started/design_principles.html#cross-origin-resource-sharing-cors

within the users security context fetching
https://{$org}.okta.com/api/v1/users/me
Will return the okta user profile object

It might be worth exploring.

-Matt