Lumen help

Authentication and SSO management

The following is an example of a SAML assertion:

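                <!-- Example SAML 2.0 assertion issued by the identity provider
                     https://localhost:10443/sso/idp for the audience "cas-localhost".
                     No ds:Signature element appears in this sample. A service provider
                     should accept an assertion only when it, or the Response that
                     encloses it, carries a signature that validates against the
                     identity provider certificate it has been configured to trust. -->
                <saml2:Assertion ID="_1184305154138349862"
                                 IssueInstant="2021-08-31T15:16:06.093Z"
                                 Version="2.0"
                                 xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                  <!-- Entity ID of the issuing identity provider; the service provider
                       compares it with the issuer it expects. -->
                  <saml2:Issuer>https://localhost:10443/sso/idp</saml2:Issuer>
                  <saml2:Subject>
                    <!-- NOTE(review): the Format is declared as transient, yet the value
                         shown is an email address. A transient identifier is normally an
                         opaque value that does not identify the user across sessions;
                         confirm which NameID format is intended. -->
                    <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">john.smith@mydomain.com</saml2:NameID>
                    <!-- Bearer confirmation: whoever presents the assertion is treated as
                         the subject. The service provider therefore has to match
                         InResponseTo to the request it sent, match Recipient to its own
                         callback URL, and reject the assertion at or after NotOnOrAfter
                         (here about 100 seconds after IssueInstant). -->
                    <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                      <saml2:SubjectConfirmationData InResponseTo="_d8c523d1b65eef00c636a91ddfcf5935"
                                                     NotOnOrAfter="2021-08-31T15:17:46.065Z"
                                                     Recipient="https://localhost:8443/sso/saml2/sp/callback/cas-localhost"/>
                    </saml2:SubjectConfirmation>
                  </saml2:Subject>
                  <!-- Validity window and intended audience. An assertion used outside
                       this window, or by a service provider whose entity ID is not
                       listed as an Audience, should be rejected. -->
                  <saml2:Conditions NotBefore="2021-08-31T15:16:06.122Z"
                                    NotOnOrAfter="2021-08-31T15:17:46.122Z">
                    <saml2:AudienceRestriction>
                      <saml2:Audience>cas-localhost</saml2:Audience>
                    </saml2:AudienceRestriction>
                  </saml2:Conditions>
                  <!-- When the user authenticated and which identity provider session
                       the assertion belongs to. The "unspecified" context class does not
                       describe how the user authenticated. -->
                  <saml2:AuthnStatement AuthnInstant="2021-08-31T15:16:06.065Z"
                                        SessionIndex="_4837487843227240903">
                    <saml2:SubjectLocality Address="cas-localhost"/>
                    <saml2:AuthnContext>
                      <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml2:AuthnContextClassRef>
                    </saml2:AuthnContext>
                  </saml2:AuthnStatement>
                  <!-- User attributes released to the service provider. Values such as
                       "role" feed authorization decisions, so they should be read only
                       after the signature and the conditions above have been checked. -->
                  <saml2:AttributeStatement>
                    <saml2:Attribute FriendlyName="samlAuthenticationStatementAuthMethod" Name="samlAuthenticationStatementAuthMethod">
                      <saml2:AttributeValue xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                            xsi:type="xsd:string">urn:oasis:names:tc:SAML:1.0:am:password</saml2:AttributeValue>
                    </saml2:Attribute>
                    <saml2:Attribute FriendlyName="lastName" Name="lastName">
                      <saml2:AttributeValue xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                            xsi:type="xsd:string">Smith</saml2:AttributeValue>
                    </saml2:Attribute>
                    <saml2:Attribute FriendlyName="firstName" Name="firstName">
                      <saml2:AttributeValue xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                            xsi:type="xsd:string">John</saml2:AttributeValue>
                    </saml2:Attribute>
                    <saml2:Attribute FriendlyName="role" Name="role">
                      <saml2:AttributeValue xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                            xsi:type="xsd:string">Admin</saml2:AttributeValue>
                    </saml2:Attribute>
                    <saml2:Attribute FriendlyName="isFromNewLogin" Name="isFromNewLogin">
                      <saml2:AttributeValue xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                            xsi:type="xsd:string">true</saml2:AttributeValue>
                    </saml2:Attribute>
                    <saml2:Attribute FriendlyName="authenticationDate" Name="authenticationDate">
                      <saml2:AttributeValue xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                            xsi:type="xsd:string">2021-08-31T09:16:05.868-06:00[America/Denver]</saml2:AttributeValue>
                    </saml2:Attribute>
                    <!-- NOTE(review): AcceptUsersAuthenticationHandler looks like the
                         Apereo CAS handler backed by a static user list, which is meant
                         for testing; confirm a production authentication handler is
                         configured outside of demo setups. -->
                    <saml2:Attribute FriendlyName="authenticationMethod" Name="authenticationMethod">
                      <saml2:AttributeValue xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                            xsi:type="xsd:string">AcceptUsersAuthenticationHandler</saml2:AttributeValue>
                    </saml2:Attribute>
                    <saml2:Attribute FriendlyName="successfulAuthenticationHandlers" Name="successfulAuthenticationHandlers">
                      <saml2:AttributeValue xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                            xsi:type="xsd:string">AcceptUsersAuthenticationHandler</saml2:AttributeValue>
                    </saml2:Attribute>
                    <saml2:Attribute FriendlyName="longTermAuthenticationRequestTokenUsed" Name="longTermAuthenticationRequestTokenUsed">
                      <saml2:AttributeValue xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                                            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                            xsi:type="xsd:string">false</saml2:AttributeValue>
                    </saml2:Attribute>
                  </saml2:AttributeStatement>
                </saml2:Assertion>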