SAML Response Example
The following is an example of a SAML Response, showing parts of the SAML assertion element. If you do not provide the required attributes in your file, you receive error messages, for example: Email must be provided using NameID value or the email attribute.
The following example illustrates one way to provide these values:
...
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
SPNameQualifier="http://www.netsuite.com/sp"
>jsmith@example.com</saml:NameID>
...
<saml:AttributeStatement>
<saml:Attribute Name="email">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">jsmith@example.com</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="account">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">123456</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="role">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">1010</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="site">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">1</saml:AttributeValue><saml:AttributeStatement>
</saml:AttributeStatement>
...
Related Topics
- SAML Single Sign-on
- Complete Preliminary Steps in NetSuite for SAML SSO
- Configure NetSuite with Your Identity Provider
- Complete the SAML Setup Page
- Update Identity Provider Information in NetSuite
- Interactions with NetSuite Using SAML
- SAML SSO in Multiple NetSuite Account Types
- NetSuite SAML Certificate References
- Remove SAML Access to NetSuite
- SAML SSO FAQ