# Requested Attributes (SAML)
The meaning of the information is dependent on the Authn Connector. There are three mechanisms for determining the RequestedAttributes:
- AttributeConsumingServiceIndex: The AttributeConsumingServiceIndex in the AuthnRequest is used to look up the
AttributeConsumingServicefrom the metadata from the connection. TheRequestedAttributesfrom theAttributeConsumingServicewill be used. - RequestedAttribute SAML extension: The
RequestedAttributeselement from the AuthnRequest is used. (See the official specification here (opens new window).) - Using Broker services.
# Example AttributeConsumingServiceIndex with AuthnRequest
<samlp:AuthnRequest AttributeConsumingServiceIndex="1"></samlp:AuthnRequest>
# Example AttributeConsumingServiceIndex and with Metadata
<md:EntityDescriptor>
<md:SPSSODescriptor>
<md:AttributeConsumingService index="1">
<md:ServiceName xml:lang="en">Example Service</md:ServiceName>
<md:RequestedAttribute isRequired="true" Name="firstName"/>
<md:RequestedAttribute Name="email"/>
</md:AttributeConsumingService>
</md:SPSSODescriptor>
</md:EntityDescriptor>
# Gives:
{
"requestedAttributes": [
"firstName",
"email"
]
}
# Example RequestedAttribute
<samlp:AuthnRequest>
<samlp:Extensions>
<req-attr:RequestedAttributes>
<md:RequestedAttribute Name="firstName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
<md:RequestedAttribute Name="lastName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
<md:RequestedAttribute Name="role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<saml:AttributeValue>User</saml:AttributeValue>
<saml:AttributeValue>Administrator</saml:AttributeValue>
</md:RequestedAttribute>
</req-attr:RequestedAttributes>
</samlp:Extensions>
</samlp:AuthnRequest>
# Gives:
{
"requestedAttributes": [
"firstName", "lastName", "role"
]
}