Which domain attribute must be included to meet the SAML assertion requirement for Just-In-Time provisioning in Workspace ONE?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
https://pubs.vmware.com/identity-manager-27/index.jsp?topic=%2Fcom.vmware.wsp-administrator_27%2FGUID-06A8E165-8A04-411B-8C96-SAML (Security Assertion Markup Language) is an XML-based protocol that enables the exchange of authentication and authorization data between parties, particularly between an identity provider (IdP) and a service provider (SP). Just-In-Time (JIT) provisioning is a feature that allows the automatic creation of user accounts in the SP when a user first attempts to access a resource.
When using JIT provisioning in Workspace ONE, the SAML assertion must include certain attributes that will be used to create the user account in the SP. Among these attributes, one that must be included is the domain attribute.
The domain attribute is used to identify the user's domain or organization. It is necessary for Workspace ONE to determine which organization the user belongs to and which user group(s) the user should be assigned to in the SP.
Therefore, the correct answer to the question is not listed. None of the options (A. email, B. lastName, C. firstName, D. userName) correspond to the domain attribute, which is required for Just-In-Time provisioning in Workspace ONE.