Authentication Context Attributes Value Provider
The Authentication Context attributes value provider accesses contextual information about the authentication session. This provider retrieves context-specific details, attributes that describe how and by whom the authentication request was made.
The Authentication Context attributes provider retrieves attributes from the current authentication session context. These attributes provide information about the authentication flow itself rather than the authenticated user, enabling authorization decisions based on how the user authenticated.
Use Cases#
The Authentication Context attributes value provider enables authorization and auditing scenarios that require information about the authentication session.
Common use cases include:
- Audit Trail: Include authentication context in assertions for comprehensive audit logging that tracks both the user and the authentication method
- Conditional Access: Enable APIs to make authorization decisions based on authentication context, such as requiring stronger authentication for sensitive operations
- Multi-Factor Verification: Expose which authentication factors were used during login to downstream services for compliance verification
Getting Started#
To create an Authentication Context attributes value provider, sign in to the Admin UI and navigate to Profiles → SAML Profile → Attributes → Attribute Value Providers.
Select + New Attribute Value Provider, give the provider a unique identifier and choose the Authentication Context Attributes Provider type.
The provider automatically accesses the authentication session context when assertions are issued. No external connections or additional configuration is required.
The Authentication Context attributes value provider only returns attributes that exist in the current authentication session. The available attributes depend on the authentication flow and service provider configuration.