## Expected Behavior In the SAML response we are expecting a NameID value to be present. That value does not come back in the response. It is unclear what other configuration our clients need to enable on their end to ensure that the NameID value is sent. ``` <samlp:Response> <saml:Assertion> <saml:Subject> <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">ID</saml:NameID> </saml:Subject> </saml:Assertion> </samlp:Response> ``` ## Configuration As the SP we sent over a metadata file that looks like the following ``` <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" cacheDuration="PT604800S" entityID="ENTITY_ID"> <md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <md:KeyDescriptor use="signing"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>CERTIFICATE</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:KeyDescriptor use="encryption"> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>CERTIFICATE</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </md:KeyDescriptor> <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="RESPONSE_URL" index="1"/> </md:SPSSODescriptor> <md:Organization> <md:OrganizationName xml:lang="en-US">ORG_NAME</md:OrganizationName> <md:OrganizationDisplayName xml:lang="en-US">ORG_DISPLAY_NAME</md:OrganizationDisplayName> <md:OrganizationURL xml:lang="en-US">ORG_URL</md:OrganizationURL> </md:Organization> <md:ContactPerson contactType="support"> <md:GivenName>Support</md:GivenName> <md:EmailAddress>SUPPORT_EMAIL</md:EmailAddress> </md:ContactPerson> </md:EntityDescriptor> ```