metadata has a blank NameIDFormat

Open lorodoes opened this issue 1 year ago • 2 comments

My metadata has a missing NameIDFormat:

```xml
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" validUntil="2023-03-12T15:11:37.069Z" entityID="https://terraboard.example.com/saml/metadata">
  <SPSSODescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" validUntil="2023-03-12T15:11:37.069447433Z" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="false" WantAssertionsSigned="true">
    <KeyDescriptor use="encryption">
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
          <X509Certificate xmlns="http://www.w3.org/2000/09/xmldsig#">…</X509Certificate>
        </X509Data>
      </KeyInfo>
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"></EncryptionMethod>
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"></EncryptionMethod>
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"></EncryptionMethod>
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"></EncryptionMethod>
    </KeyDescriptor>
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://terraboard.example.com/saml/slo" ResponseLocation="https://terraboard.example.com/saml/slo"></SingleLogoutService>
    <NameIDFormat></NameIDFormat>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://terraboard.example.com/saml/acs" index="1"></AssertionConsumerService>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://terraboard.example.com/saml/acs" index="2"></AssertionConsumerService>
  </SPSSODescriptor>
</EntityDescriptor>
```

Is this a bug or did I miss a configuration?

lorodoes, Mar 10 '23 15:03

Seeing the same. It appears to be intentional with this change.

nihara-thomas, Apr 10 '23 21:04

It can be passed by adding your own NameIdFormat. For example:

```go
samlSP.ServiceProvider.AuthnNameIDFormat = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
```

hellraiser-rnd, May 09 '23 11:05
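A way to check generated SP metadata for the blank element discussed in this thread, before handing it to an IdP. This is an added example, not code from the thread or from the library; it uses only Go's standard `encoding/xml`, and the sample documents, `CheckNameIDFormats` and the other names are assumptions made for illustration.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"strings"
)

const unspecified = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"

// Constructed sample: SP metadata reduced to the element in question.
const blankSample = `<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://sp.example.test/saml/metadata">
  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <NameIDFormat></NameIDFormat>
  </SPSSODescriptor>
</EntityDescriptor>`

// Constructed sample: the same document with a format filled in.
var fixedSample = strings.Replace(blankSample, "<NameIDFormat>", "<NameIDFormat>"+unspecified, 1)

// spMetadata maps only the parts of the metadata this check reads.
type spMetadata struct {
	XMLName xml.Name `xml:"EntityDescriptor"`
	SPSSO   []struct {
		NameIDFormats []string `xml:"NameIDFormat"`
	} `xml:"SPSSODescriptor"`
}

// CheckNameIDFormats returns the non-empty NameIDFormat values declared in
// the SP descriptors and the number of blank <NameIDFormat> elements.
func CheckNameIDFormats(metadata []byte) (declared []string, blank int, err error) {
	var md spMetadata
	if err = xml.Unmarshal(metadata, &md); err != nil {
		return nil, 0, fmt.Errorf("parse metadata: %w", err)
	}
	for _, sp := range md.SPSSO {
		for _, f := range sp.NameIDFormats {
			if f = strings.TrimSpace(f); f == "" {
				blank++ // element present but carries no URI
			} else {
				declared = append(declared, f)
			}
		}
	}
	return declared, blank, nil
}

func main() {
	for name, doc := range map[string]string{"blank": blankSample, "fixed": fixedSample} {
		declared, blank, err := CheckNameIDFormats([]byte(doc))
		fmt.Printf("%s: declared=%v blank=%d err=%v\n", name, declared, blank, err)
	}
}
```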