List all SSO Connections

GET {{cryptr_service_url}}/api/v2/sso-connections?page=1&per_page=3

List all your SSO connections currently created, regardless of the progress of the configuration.

RETURNS

Returns list of SSO Connections with nested objects if preload_associations is set, and paginated if related attributes are present.

Request Params

RESPONSES

status: OK

{"__type__":"List","data":[{"__type__":"SsoConnection","active":false,"id":"sso-connection_2jh8ednXaXQKQc3pt7gm4JmyAa6","inserted_at":"2024-07-24T13:34:04","number_users_provisioning_limit":99,"oauth_config":null,"organization":{"__type__":"Organization","allowed_email_domains":["cpromo.com"],"color":"sky-400","domain":"cpromo","environments":[{"name":"sandbox","status":"up"},{"name":"production","status":"down"}],"icon_logo_url":null,"inline_logo_url":null,"inserted_at":"2024-07-24T07:26:37","locale":"en-US","name":"Cpromo","status":{"errors":[],"estimated_time_to_complete_in_seconds":null,"progress_in_percentage":null,"state":"terminated"},"timezone":null,"updated_at":"2024-07-24T07:26:45"},"provider_type":"saml.okta","saml_config":{"acs_url":"https://saml.staging.cryptr.eu/api/sp/consume/cpromo_2jh8efoPuSvOzPogAVNSHDMPRXS","cryptr_metadata_url":"https://saml.staging.cryptr.eu/api/sp/metadata/cpromo_2jh8efoPuSvOzPogAVNSHDMPRXS","entity_id":"cpromo_2jh8efoPuSvOzPogAVNSHDMPRXS","slo_response_url":"https://saml.staging.cryptr.eu/api/sp/signout/cpromo_2jh8efoPuSvOzPogAVNSHDMPRXS","slo_url":"https://saml.staging.cryptr.eu/api/auth/signout/cpromo_2jh8efoPuSvOzPogAVNSHDMPRXS","sso_provider_metadata":null},"sp_id":"communitiz_app_6hPWiTkwbzW3dA9EewHAbE","updated_at":"2024-07-24T13:55:45","users_access_policy":"unregistered_users_allowed"},{"__type__":"SsoConnection","active":true,"id":"sso-connection_2j8bmJSxKazoLBvyLM2D1xvwGr7","inserted_at":"2024-07-12T08:10:08","number_users_provisioning_limit":null,"oauth_config":null,"organization":{"__type__":"Organization","allowed_email_domains":["pass-pass.fr"],"color":"zinc-600","domain":"pass-pass","environments":[{"name":"sandbox","status":"up"},{"name":"production","status":"down"}],"icon_logo_url":"https://res.cloudinary.com/cryptr/image/upload/v1712828561/Logos/daylindo_icon_logo_k6hdgp.png","inline_logo_url":null,"inserted_at":"2024-05-17T14:29:57","locale":"en-US","name":"Pass Pass","status":{"errors":[],"estimated_time_to_complete_in_seconds":null,"progress_in_percentage":null,"state":"terminated"},"timezone":null,"updated_at":"2024-07-12T08:13:51"},"provider_type":"saml.okta","saml_config":{"acs_url":"https://saml.staging.cryptr.eu/api/sp/consume/pass-pass_2j8cGN9KthdvdBUfmSs2KeA7uk0","cryptr_metadata_url":"https://saml.staging.cryptr.eu/api/sp/metadata/pass-pass_2j8cGN9KthdvdBUfmSs2KeA7uk0","entity_id":"pass-pass_2j8cGN9KthdvdBUfmSs2KeA7uk0","slo_response_url":"https://saml.staging.cryptr.eu/api/sp/signout/pass-pass_2j8cGN9KthdvdBUfmSs2KeA7uk0","slo_url":"https://saml.staging.cryptr.eu/api/auth/signout/pass-pass_2j8cGN9KthdvdBUfmSs2KeA7uk0","sso_provider_metadata":null},"sp_id":"communitiz_app_6hPWiTkwbzW3dA9EewHAbE","updated_at":"2024-07-12T08:14:07","users_access_policy":"provision_new_users"},{"__type__":"SsoConnection","active":true,"id":"sso-connection_2j5kW9NzsDNunLjW7sSVkO59Tm8","inserted_at":"2024-07-11T07:52:33","number_users_provisioning_limit":null,"oauth_config":null,"organization":{"__type__":"Organization","allowed_email_domains":["adfs.signature"],"color":"fuchsia-600","domain":"adfs-signature","environments":[{"name":"sandbox","status":"up"},{"name":"production","status":"down"}],"icon_logo_url":null,"inline_logo_url":null,"inserted_at":"2024-07-11T07:52:11","locale":"en-US","name":"ADFS Signature","status":{"errors":[],"estimated_time_to_complete_in_seconds":null,"progress_in_percentage":null,"state":"terminated"},"timezone":null,"updated_at":"2024-07-11T08:14:14"},"provider_type":"saml.adfs","saml_config":{"acs_url":"https://saml.staging.cryptr.eu/api/sp/consume/adfs-signature_2j5nAO06SbbiUbcLNgi7jwgrgN1","cryptr_metadata_url":"https://saml.staging.cryptr.eu/api/sp/metadata/adfs-signature_2j5nAO06SbbiUbcLNgi7jwgrgN1","entity_id":"adfs-signature_2j5nAO06SbbiUbcLNgi7jwgrgN1","slo_response_url":"https://saml.staging.cryptr.eu/api/sp/signout/adfs-signature_2j5nAO06SbbiUbcLNgi7jwgrgN1","slo_url":"https://saml.staging.cryptr.eu/api/auth/signout/adfs-signature_2j5nAO06SbbiUbcLNgi7jwgrgN1","sso_provider_metadata":"\u003cEntityDescriptor ID=\"_7c158428-878e-4d9b-a0b2-0cf3e389fa56\" entityID=\"http://WIN-CTUNP1BB15D.cryptr.local/adfs/services/trust\" xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\"\u003e\u003cds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"\u003e\u003cds:SignedInfo\u003e\u003cds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/\u003e\u003cds:SignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256\"/\u003e\u003cds:Reference URI=\"#_7c158428-878e-4d9b-a0b2-0cf3e389fa56\"\u003e\u003cds:Transforms\u003e\u003cds:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/\u003e\u003cds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/\u003e\u003c/ds:Transforms\u003e\u003cds:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#sha256\"/\u003e\u003cds:DigestValue\u003eNIRQh4RTO9UiK5SzVekr/Xodlm2C31OLCQF050lKOJs=\u003c/ds:DigestValue\u003e\u003c/ds:Reference\u003e\u003c/ds:SignedInfo\u003e\u003cds:SignatureValue\u003eN5c5GmMJzUbw0gSHPm8V3bgEtLEsQ+KgGjD0EP1jn+1pSrcbYAsIEZJZo+W6B0ZHoAb90LN/l0UTwBG3xnNffc5rgFfcSTf5G9m7CxP1mfBabwSKcu7Hukw6qYoP+UJjHIkdNIMW7iAHyCLsz/vfaPBTsDLgvuRLFVsNfpvYnrOv+JHdQX1+TlRKp6U2Hgpcnw2FCRdGbdLYJz6IJ5OJAZCasK84+wlDzLbWLDR77fpQIoESaZc22uX7+h/C47+Awo4iJUuxi65Kyw/mFyd/JcFMRe6tnN1CL0WMX6sNqoRzDk33UBj4jSNha0rr/djerTedpZUP93BFXyPzyIu8u63te7AZ9E3zVk1kHYQR9BJ60jQRR7oSTMI8USSYY5dkdeGNZomCJmc5d8Tu4XBPba7HHUD/eIiNccZ3bS4cDVnKE7obkuYEGQpG1kiHSIUWzBOF1FaMcBBGpQfy9OM7CYSngNlN9D6fl/uAFGq5F7OTV5a28iCn6oJsDzeXAV8K5hnRCWUzEVi8+y6o1xlzxx8OXTzOfa0sdA2Mxd9bZWLvFpGsINyZwKtHwHm1WKmbnuy+VGJBQ9X7AzuNGPhA8vBMy67HQ1cWFlRKYjwMpkisJ/KAdptWVFXx2/uBwwiiRmYWvnkIPhQ+lbA+7VPHiZkfrE4yrczEIBQBTCRvQH8=\u003c/ds:SignatureValue\u003e\u003cKeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"\u003e\u003cX509Data\u003e\u003cX509Certificate\u003eMIIE9DCCAtygAwIBAgIQebWuKC7si7ZEC4lvBvMKyTANBgkqhkiG9w0BAQsFADA2MTQwMgYDVQQDEytBREZTIFNpZ25pbmcgLSBXSU4tQ1RVTlAxQkIxNUQuY3J5cHRyLmxvY2FsMB4XDTI0MDcxMDEwMTAxMVoXDTI1MDcxMDEwMTAxMVowNjE0MDIGA1UEAxMrQURGUyBTaWduaW5nIC0gV0lOLUNUVU5QMUJCMTVELmNyeXB0ci5sb2NhbDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKwWJavCa1+T+HL4ZsT4m7rI6rPyvkOTrzWbncv5UwXRnTqCt3rH3ZWEmyF+p+H4wHe4bfwJ30sNPwN6cwvPaYZYjVTDYJG98Ea3NHJX/hpyfS5v7B9H7Akcnnm+DIa9HHqvAgZWZxQSahEpwa/GTlEEfd7QIE99KrRlepOaVnXv4g4rxKtLIw7V4w4jEJhdSKDDeFBqf5qjUbrPTpj1K0g6t5DOLq4HOAeS7jXNd1/RyUb8eFnv5uqhZcJ+OBq7T5l0SN+5R3vxf7T5cPa6AtD1LaXrLiX+gtAOPX1Rt2LG+B4HM0+y9YSIxL3l6DYuMIrgJ/RlHXRr4LxWWiwqkIvk5y1dgsbl+8S7qvIhccgzHLAekDikgYeze+XORb3+qw4+icVYx0KYq6+SLQUNB+pRFhv5I6G8n2eoKMHdluumoxhE6vXZgfTttnrkXDQLZoenp+tAZDVbc5o6e8ohKbBgeuIBTRhlsTUqfFHKFrUM0RbVykuBdrVBeVMMbDELkb/WbmsnVN08sN+IiS5/dDxlpJBf5HHVAllT3AYBaXPm4vXwh53dpIM/tIUMCdmLzIwsxk1G8XoRPuixfm+QZiJMgkZgcKUGDNb/OsxcJpVIGut0S4Q52v2XyQ3RA7m4fmXiIUUYRnO2dmGd+IfEvr3M/KVKvxhARtTNsILizBnpAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAFTu9rhZaCQVPBqy6ztjT3VccX5B86LwHDUQzg1C2jfxajjVfEt+LQNJmjNO9IWWm+V+Lsx7tdHgGJtXaeZoBk/zTyo+SkEczzKQ3mFjaZa3e/8b/TeH2Dhid5R2MTCyFBTetlEcYMOrDVw4kMjQRd63qZKnSL0eu5bggkp5tane2wIKSoJMexsS8uDCuvVpAQo/8rhSHnE1aRmwRzRM9FAUfPd/jQFYUhVjZrKSDctNuxiVOpjC6ZSetOVsS/e4x1LMeGyCp/qA+O779Ycy58I2rBivB0D24BU3M4F1S58vmmkWaMFWb4NN4B51yfcXbCi93ywf5NaTgW6/KUJy2F2SPORfPeuzXh/MLJoblEROcgJXZUENOtdRznHj/bRLUupPuz0loOlCCl4T6s5AKqVE//NHVNZLxLvtnDScz4qCpV8kzpDENCWU97pQEA0XyodDqusk2tNXL5dHCdBpiiWFS7xWnvJGcYRHIHrNv3P5dNLPv+RuvzmqTkhJkUBXLJU2XJa+0nvprlpyl3JgkLbuy+MrqZozGs3JZxo/3qGm99SCFS3mRWws6SSWG8Z4BC5zw9+O8SKHtWiM2BBWHRC1jks6j03QEN0rVt7ImMO+/Xqt6or3RvFx3XHkFo0WbeI4EKMb2t12pcHc2j/We62Oe9PoRNF7lhjz7IWdi8Dh\u003c/X509Certificate\u003e\u003c/X509Data\u003e\u003c/KeyInfo\u003e\u003c/ds:Signature\u003e\u003cRoleDescriptor xsi:type=\"fed:ApplicationServiceType\" protocolSupportEnumeration=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706\" ServiceDisplayName=\"Cryptr\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:fed=\"http://docs.oasis-open.org/wsfed/federation/200706\"\u003e\u003cKeyDescriptor use=\"encryption\"\u003e\u003cKeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"\u003e\u003cX509Data\u003e\u003cX509Certificate\u003eMIIE+jCCAuKgAwIBAgIQTlq6hPBpvodOM8MqCUSwNDANBgkqhkiG9w0BAQsFADA5MTcwNQYDVQQDEy5BREZTIEVuY3J5cHRpb24gLSBXSU4tQ1RVTlAxQkIxNUQuY3J5cHRyLmxvY2FsMB4XDTI0MDcxMDEwMTAxMloXDTI1MDcxMDEwMTAxMlowOTE3MDUGA1UEAxMuQURGUyBFbmNyeXB0aW9uIC0gV0lOLUNUVU5QMUJCMTVELmNyeXB0ci5sb2NhbDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOMu3PAF55N9Ws9cvdyA2w17sLiHN7bQnjUJuwcRvi9c1j4gnQJ+RXxeOaLxetKKQ4KGu0CI/56Xu1KRlDbfvRy8P6DNQNBvmpS5nDWk6LN5r45HFrEXfoi6ilfKSkSXwau2ByoO2YAhfDNau/Ii6L6YRzA6VrfR6h9MTFc21XQ0R51qcJUzaWVbAjy/TInPCNGFfBEi6ld9gn68XUpeDjeQglf6WEp+aDgLj9M8xITxkQFTGeEcS0+uBH81nSJUgLUVTohkiuNAXAaWntU9CZJSziv9YcA/SBCD8T5viZhDkmWzqfDxK+RagTYOIuZnFiJYs/TIiao6iE3byTsOm5RVj2vL/546l8HIWbkrJXDYVclBUkrIxQ3DdJzykIwNlqfTlYWGOElSfOP6HHCRUa7tikNNUL29X+RQjdq9bJHYQ3jURyP2iqufg+YknWpKakhlTKpK8i0l3kWFS7lA3GNJ40G86sp/SXlSMldt6sq4BmC0SWf30DM5Oj4y0YpY8Xvn0MKYp1UickECgIQaifU7k/T8Ah/ReZyWcamijHS1cNxAyKWmkW4HmlIXBbUMryH+g2IZA4YFlLKygogLMPsoRSCZlqb59cfc8u/X7ZWmnxPEmGhWfCn5CytXPw8wG35VLnSWo46/F0mpPdFG+GRBJwHd6U5Yi1XvMB/BFTa9AgMBAAEwDQYJKoZIhvcNAQELBQADggIBAL+vmhwtW0NIiZwVR5w8R8zlsbif/RQxX8NN1gBlZaznSIOSwgwvOjbmBJOsZYYc+ceDnwhTaelvlLh9WeHxRMRDH5xpGPzlY/xnK0VwyYwjKWa7Hs7s5/FlQcbGQymTCphxQD5PMViY9FNyxeeQLUXUtaB0UHRADDKBm7nkxFfPaktkSnwn+x1XdEunF/A+SxVJUlgKpF91kVMdI8kw9QFHCAsDzu8CZITNNjWdyocSmy+bdeDSOf1sCMFHxmmxIPB3rEBzYeITmri15GkGco4ZTJsKamWUICHx+f0pgLjpCr7a2kzaqm6LQL5n/Q2fuY9+PxuOVKPxchWspzEVyqUIF82sGryPkGaP/e3YqXHK98CdyZsubzxpHa3R/4eaxwoWLET9QWVs2/vtNtdw30EIO62VoeE27JKbBYm55+gcGD01k6XOyZdHv7bkat5Zq5oAV/2ge1xMsmQtOLm/lfjUIJ9oY011VPgDBBAUPgq93C/JvnL9QYrXLUQ4i8qjiW+4lpxlvMFkDQniiw0a5vXok4vWo5kg2/WOZu+NnvN9GtGtjMsr47mXoIOJO0j5Pi87vQtsutExSaoWDqjA0yaAq1aEpIhweA+e6bRMeRn28/BJLAAsxbMuPWIm4gVMl9yqKvzmx/qZdITB1TegjzSw1gSsM2J0NYLz1OO/5euE\u003c/X509Certificate\u003e\u003c/X509Data\u003e\u003c/KeyInfo\u003e\u003c/KeyDescriptor\u003e\u003cfed:ClaimTypesRequested\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eE-Mail Address\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe e-mail address of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eGiven Name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe given name of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eName\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe unique name of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eUPN\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe user principal name (UPN) of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/claims/CommonName\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eCommon Name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe common name of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/claims/EmailAddress\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eAD FS 1.x E-Mail Address\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/claims/Group\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eGroup\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eA group that the user is a member of\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/claims/UPN\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eAD FS 1.x UPN\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/role\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eRole\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eA role that the user has\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eSurname\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe surname of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003ePPID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe private identifier of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eName ID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe SAML name identifier of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eAuthentication time stamp\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eUsed to display the time and date that the user was authenticated\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eAuthentication method\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe method used to authenticate the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDeny only group SID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe deny-only group SID of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDeny only primary SID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe deny-only primary SID of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDeny only primary group SID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe deny-only primary group SID of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eGroup SID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe group SID of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003ePrimary group SID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe primary group SID of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003ePrimary SID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe primary SID of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eWindows account name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe domain account name of the user in the form of domain\\user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eIs Registered User\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eUser is registered to use this device\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDevice Identifier\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eIdentifier of the device\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDevice Registration Identifier\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eIdentifier for Device Registration\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDevice Registration DisplayName\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eDisplay name of Device Registration\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDevice OS type\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eOS type of the device\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDevice OS Version\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eOS version of the device\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eIs Managed Device\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eDevice is managed by a management service\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eForwarded Client IP\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eIP address of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eClient Application\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eType of the Client Application\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eClient User Agent\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eDevice type the client is using to access the application\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eClient IP\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eIP address of the client\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eEndpoint Path\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eAbsolute Endpoint path which can be used to determine active versus passive clients\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eProxy\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eDNS name of the federation server proxy that passed the request\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eApplication Identifier\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eIdentifier for the Relying Party\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eApplication policies\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eApplication policies of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eAuthority Key Identifier\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe Authority Key Identifier extension of the certificate that signed an issued certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eBasic Constraint\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eOne of the basic constraints of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eEnhanced Key Usage\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eDescribes one of the enhanced key usages of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eIssuer\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe name of the certificate authority that issued the X.509 certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eIssuer Name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe distinguished name of the certificate issuer\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eKey Usage\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eOne of the key usages of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eNot After\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eDate in local time after which a certificate is no longer valid\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eNot Before\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe date in local time on which a certificate becomes valid\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eCertificate Policies\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe policies under which the certificate has been issued\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003ePublic Key\u003c/auth:DisplayName\u003e\u003cauth:Description\u003ePublic Key of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eCertificate Raw Data\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe raw data of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/san\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eSubject Alternative Name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eOne of the alternative names of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eSerial Number\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe serial number of a certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eSignature Algorithm\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe algorithm used to create the signature of a certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/subject\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eSubject\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe subject from the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eSubject Key Identifier\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eDescribes the subject key identifier of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eSubject Name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe subject distinguished name from a certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eV2 Template Name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eV1 Template Name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eThumbprint\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThumbprint of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eX.509 Version\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe X.509 format version of a certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eInside Corporate Network\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eUsed to indicate if a request originated inside corporate network\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003ePassword Expiration Time\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eUsed to display the time when the password expires\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003ePassword Expiration Days\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eUsed to display the number of days to password expiry\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2012/01/passwordchangeurl\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eUpdate Password URL\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eUsed to display the web address of update password service\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/claims/authnmethodsreferences\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eAuthentication Methods References\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eUsed to indicate all authentication methods used to authenticate the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eClient Request ID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eIdentifier for a user session\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003c/fed:ClaimTypesRequested\u003e\u003cfed:TargetScopes\u003e\u003cEndpointReference xmlns=\"http://www.w3.org/2005/08/addressing\"\u003e\u003cAddress\u003ehttps://win-ctunp1bb15d.cryptr.local/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256\u003c/Address\u003e\u003c/EndpointReference\u003e\u003cEndpointReference xmlns=\"http://www.w3.org/2005/08/addressing\"\u003e\u003cAddress\u003ehttps://win-ctunp1bb15d.cryptr.local/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256\u003c/Address\u003e\u003c/EndpointReference\u003e\u003cEndpointReference xmlns=\"http://www.w3.org/2005/08/addressing\"\u003e\u003cAddress\u003ehttps://win-ctunp1bb15d.cryptr.local/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256\u003c/Address\u003e\u003c/EndpointReference\u003e\u003cEndpointReference xmlns=\"http://www.w3.org/2005/08/addressing\"\u003e\u003cAddress\u003ehttps://win-ctunp1bb15d.cryptr.local/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256\u003c/Address\u003e\u003c/EndpointReference\u003e\u003cEndpointReference xmlns=\"http://www.w3.org/2005/08/addressing\"\u003e\u003cAddress\u003ehttps://win-ctunp1bb15d.cryptr.local/adfs/ls/\u003c/Address\u003e\u003c/EndpointReference\u003e\u003cEndpointReference xmlns=\"http://www.w3.org/2005/08/addressing\"\u003e\u003cAddress\u003ehttp://win-ctunp1bb15d.cryptr.local/adfs/services/trust\u003c/Address\u003e\u003c/EndpointReference\u003e\u003c/fed:TargetScopes\u003e\u003cfed:ApplicationServiceEndpoint\u003e\u003cEndpointReference xmlns=\"http://www.w3.org/2005/08/addressing\"\u003e\u003cAddress\u003ehttps://win-ctunp1bb15d.cryptr.local/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256\u003c/Address\u003e\u003c/EndpointReference\u003e\u003c/fed:ApplicationServiceEndpoint\u003e\u003cfed:PassiveRequestorEndpoint\u003e\u003cEndpointReference xmlns=\"http://www.w3.org/2005/08/addressing\"\u003e\u003cAddress\u003ehttps://win-ctunp1bb15d.cryptr.local/adfs/ls/\u003c/Address\u003e\u003c/EndpointReference\u003e\u003c/fed:PassiveRequestorEndpoint\u003e\u003c/RoleDescriptor\u003e\u003cRoleDescriptor xsi:type=\"fed:SecurityTokenServiceType\" protocolSupportEnumeration=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706\" ServiceDisplayName=\"Cryptr\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:fed=\"http://docs.oasis-open.org/wsfed/federation/200706\"\u003e\u003cKeyDescriptor use=\"signing\"\u003e\u003cKeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"\u003e\u003cX509Data\u003e\u003cX509Certificate\u003eMIIE9DCCAtygAwIBAgIQebWuKC7si7ZEC4lvBvMKyTANBgkqhkiG9w0BAQsFADA2MTQwMgYDVQQDEytBREZTIFNpZ25pbmcgLSBXSU4tQ1RVTlAxQkIxNUQuY3J5cHRyLmxvY2FsMB4XDTI0MDcxMDEwMTAxMVoXDTI1MDcxMDEwMTAxMVowNjE0MDIGA1UEAxMrQURGUyBTaWduaW5nIC0gV0lOLUNUVU5QMUJCMTVELmNyeXB0ci5sb2NhbDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKwWJavCa1+T+HL4ZsT4m7rI6rPyvkOTrzWbncv5UwXRnTqCt3rH3ZWEmyF+p+H4wHe4bfwJ30sNPwN6cwvPaYZYjVTDYJG98Ea3NHJX/hpyfS5v7B9H7Akcnnm+DIa9HHqvAgZWZxQSahEpwa/GTlEEfd7QIE99KrRlepOaVnXv4g4rxKtLIw7V4w4jEJhdSKDDeFBqf5qjUbrPTpj1K0g6t5DOLq4HOAeS7jXNd1/RyUb8eFnv5uqhZcJ+OBq7T5l0SN+5R3vxf7T5cPa6AtD1LaXrLiX+gtAOPX1Rt2LG+B4HM0+y9YSIxL3l6DYuMIrgJ/RlHXRr4LxWWiwqkIvk5y1dgsbl+8S7qvIhccgzHLAekDikgYeze+XORb3+qw4+icVYx0KYq6+SLQUNB+pRFhv5I6G8n2eoKMHdluumoxhE6vXZgfTttnrkXDQLZoenp+tAZDVbc5o6e8ohKbBgeuIBTRhlsTUqfFHKFrUM0RbVykuBdrVBeVMMbDELkb/WbmsnVN08sN+IiS5/dDxlpJBf5HHVAllT3AYBaXPm4vXwh53dpIM/tIUMCdmLzIwsxk1G8XoRPuixfm+QZiJMgkZgcKUGDNb/OsxcJpVIGut0S4Q52v2XyQ3RA7m4fmXiIUUYRnO2dmGd+IfEvr3M/KVKvxhARtTNsILizBnpAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAFTu9rhZaCQVPBqy6ztjT3VccX5B86LwHDUQzg1C2jfxajjVfEt+LQNJmjNO9IWWm+V+Lsx7tdHgGJtXaeZoBk/zTyo+SkEczzKQ3mFjaZa3e/8b/TeH2Dhid5R2MTCyFBTetlEcYMOrDVw4kMjQRd63qZKnSL0eu5bggkp5tane2wIKSoJMexsS8uDCuvVpAQo/8rhSHnE1aRmwRzRM9FAUfPd/jQFYUhVjZrKSDctNuxiVOpjC6ZSetOVsS/e4x1LMeGyCp/qA+O779Ycy58I2rBivB0D24BU3M4F1S58vmmkWaMFWb4NN4B51yfcXbCi93ywf5NaTgW6/KUJy2F2SPORfPeuzXh/MLJoblEROcgJXZUENOtdRznHj/bRLUupPuz0loOlCCl4T6s5AKqVE//NHVNZLxLvtnDScz4qCpV8kzpDENCWU97pQEA0XyodDqusk2tNXL5dHCdBpiiWFS7xWnvJGcYRHIHrNv3P5dNLPv+RuvzmqTkhJkUBXLJU2XJa+0nvprlpyl3JgkLbuy+MrqZozGs3JZxo/3qGm99SCFS3mRWws6SSWG8Z4BC5zw9+O8SKHtWiM2BBWHRC1jks6j03QEN0rVt7ImMO+/Xqt6or3RvFx3XHkFo0WbeI4EKMb2t12pcHc2j/We62Oe9PoRNF7lhjz7IWdi8Dh\u003c/X509Certificate\u003e\u003c/X509Data\u003e\u003c/KeyInfo\u003e\u003c/KeyDescriptor\u003e\u003cfed:TokenTypesOffered\u003e\u003cfed:TokenType Uri=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cfed:TokenType Uri=\"urn:oasis:names:tc:SAML:1.0:assertion\"/\u003e\u003c/fed:TokenTypesOffered\u003e\u003cfed:ClaimTypesOffered\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eE-Mail Address\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe e-mail address of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eGiven Name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe given name of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eName\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe unique name of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eUPN\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe user principal name (UPN) of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/claims/CommonName\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eCommon Name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe common name of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/claims/EmailAddress\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eAD FS 1.x E-Mail Address\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe e-mail address of the user when interoperating with AD FS 1.1 or AD FS 1.0\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/claims/Group\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eGroup\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eA group that the user is a member of\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/claims/UPN\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eAD FS 1.x UPN\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe UPN of the user when interoperating with AD FS 1.1 or AD FS 1.0\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/role\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eRole\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eA role that the user has\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eSurname\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe surname of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003ePPID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe private identifier of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eName ID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe SAML name identifier of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eAuthentication time stamp\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eUsed to display the time and date that the user was authenticated\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eAuthentication method\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe method used to authenticate the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDeny only group SID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe deny-only group SID of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDeny only primary SID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe deny-only primary SID of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDeny only primary group SID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe deny-only primary group SID of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eGroup SID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe group SID of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003ePrimary group SID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe primary group SID of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003ePrimary SID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe primary SID of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eWindows account name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe domain account name of the user in the form of domain\\user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eIs Registered User\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eUser is registered to use this device\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDevice Identifier\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eIdentifier of the device\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDevice Registration Identifier\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eIdentifier for Device Registration\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDevice Registration DisplayName\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eDisplay name of Device Registration\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDevice OS type\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eOS type of the device\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eDevice OS Version\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eOS version of the device\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eIs Managed Device\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eDevice is managed by a management service\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eForwarded Client IP\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eIP address of the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eClient Application\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eType of the Client Application\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eClient User Agent\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eDevice type the client is using to access the application\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eClient IP\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eIP address of the client\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eEndpoint Path\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eAbsolute Endpoint path which can be used to determine active versus passive clients\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eProxy\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eDNS name of the federation server proxy that passed the request\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eApplication Identifier\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eIdentifier for the Relying Party\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eApplication policies\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eApplication policies of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eAuthority Key Identifier\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe Authority Key Identifier extension of the certificate that signed an issued certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eBasic Constraint\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eOne of the basic constraints of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eEnhanced Key Usage\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eDescribes one of the enhanced key usages of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eIssuer\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe name of the certificate authority that issued the X.509 certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eIssuer Name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe distinguished name of the certificate issuer\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eKey Usage\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eOne of the key usages of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eNot After\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eDate in local time after which a certificate is no longer valid\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eNot Before\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe date in local time on which a certificate becomes valid\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eCertificate Policies\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe policies under which the certificate has been issued\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003ePublic Key\u003c/auth:DisplayName\u003e\u003cauth:Description\u003ePublic Key of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eCertificate Raw Data\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe raw data of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/san\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eSubject Alternative Name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eOne of the alternative names of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eSerial Number\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe serial number of a certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eSignature Algorithm\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe algorithm used to create the signature of a certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/subject\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eSubject\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe subject from the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eSubject Key Identifier\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eDescribes the subject key identifier of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eSubject Name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe subject distinguished name from a certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eV2 Template Name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe name of the version 2 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eV1 Template Name\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe name of the version 1 certificate template used when issuing or renewing a certificate. The extension is Microsoft specific.\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eThumbprint\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThumbprint of the certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eX.509 Version\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eThe X.509 format version of a certificate\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eInside Corporate Network\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eUsed to indicate if a request originated inside corporate network\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003ePassword Expiration Time\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eUsed to display the time when the password expires\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003ePassword Expiration Days\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eUsed to display the number of days to password expiry\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/ws/2012/01/passwordchangeurl\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eUpdate Password URL\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eUsed to display the web address of update password service\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/claims/authnmethodsreferences\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eAuthentication Methods References\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eUsed to indicate all authentication methods used to authenticate the user\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003cauth:ClaimType Uri=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id\" Optional=\"true\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706\"\u003e\u003cauth:DisplayName\u003eClient Request ID\u003c/auth:DisplayName\u003e\u003cauth:Description\u003eIdentifier for a user session\u003c/auth:Description\u003e\u003c/auth:ClaimType\u003e\u003c/fed:ClaimTypesOffered\u003e\u003cfed:SecurityTokenServiceEndpoint\u003e\u003cEndpointReference xmlns=\"http://www.w3.org/2005/08/addressing\"\u003e\u003cAddress\u003ehttps://win-ctunp1bb15d.cryptr.local/adfs/services/trust/2005/certificatemixed\u003c/Address\u003e\u003cMetadata\u003e\u003cMetadata xmlns=\"http://schemas.xmlsoap.org/ws/2004/09/mex\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:wsx=\"http://schemas.xmlsoap.org/ws/2004/09/mex\"\u003e\u003cwsx:MetadataSection Dialect=\"http://schemas.xmlsoap.org/ws/2004/09/mex\" xmlns=\"\"\u003e\u003cwsx:MetadataReference\u003e\u003cAddress xmlns=\"http://www.w3.org/2005/08/addressing\"\u003ehttps://win-ctunp1bb15d.cryptr.local/adfs/services/trust/mex\u003c/Address\u003e\u003c/wsx:MetadataReference\u003e\u003c/wsx:MetadataSection\u003e\u003c/Metadata\u003e\u003c/Metadata\u003e\u003c/EndpointReference\u003e\u003c/fed:SecurityTokenServiceEndpoint\u003e\u003cfed:PassiveRequestorEndpoint\u003e\u003cEndpointReference xmlns=\"http://www.w3.org/2005/08/addressing\"\u003e\u003cAddress\u003ehttps://win-ctunp1bb15d.cryptr.local/adfs/ls/\u003c/Address\u003e\u003c/EndpointReference\u003e\u003c/fed:PassiveRequestorEndpoint\u003e\u003c/RoleDescriptor\u003e\u003cSPSSODescriptor WantAssertionsSigned=\"true\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"\u003e\u003cKeyDescriptor use=\"encryption\"\u003e\u003cKeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"\u003e\u003cX509Data\u003e\u003cX509Certificate\u003eMIIE+jCCAuKgAwIBAgIQTlq6hPBpvodOM8MqCUSwNDANBgkqhkiG9w0BAQsFADA5MTcwNQYDVQQDEy5BREZTIEVuY3J5cHRpb24gLSBXSU4tQ1RVTlAxQkIxNUQuY3J5cHRyLmxvY2FsMB4XDTI0MDcxMDEwMTAxMloXDTI1MDcxMDEwMTAxMlowOTE3MDUGA1UEAxMuQURGUyBFbmNyeXB0aW9uIC0gV0lOLUNUVU5QMUJCMTVELmNyeXB0ci5sb2NhbDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOMu3PAF55N9Ws9cvdyA2w17sLiHN7bQnjUJuwcRvi9c1j4gnQJ+RXxeOaLxetKKQ4KGu0CI/56Xu1KRlDbfvRy8P6DNQNBvmpS5nDWk6LN5r45HFrEXfoi6ilfKSkSXwau2ByoO2YAhfDNau/Ii6L6YRzA6VrfR6h9MTFc21XQ0R51qcJUzaWVbAjy/TInPCNGFfBEi6ld9gn68XUpeDjeQglf6WEp+aDgLj9M8xITxkQFTGeEcS0+uBH81nSJUgLUVTohkiuNAXAaWntU9CZJSziv9YcA/SBCD8T5viZhDkmWzqfDxK+RagTYOIuZnFiJYs/TIiao6iE3byTsOm5RVj2vL/546l8HIWbkrJXDYVclBUkrIxQ3DdJzykIwNlqfTlYWGOElSfOP6HHCRUa7tikNNUL29X+RQjdq9bJHYQ3jURyP2iqufg+YknWpKakhlTKpK8i0l3kWFS7lA3GNJ40G86sp/SXlSMldt6sq4BmC0SWf30DM5Oj4y0YpY8Xvn0MKYp1UickECgIQaifU7k/T8Ah/ReZyWcamijHS1cNxAyKWmkW4HmlIXBbUMryH+g2IZA4YFlLKygogLMPsoRSCZlqb59cfc8u/X7ZWmnxPEmGhWfCn5CytXPw8wG35VLnSWo46/F0mpPdFG+GRBJwHd6U5Yi1XvMB/BFTa9AgMBAAEwDQYJKoZIhvcNAQELBQADggIBAL+vmhwtW0NIiZwVR5w8R8zlsbif/RQxX8NN1gBlZaznSIOSwgwvOjbmBJOsZYYc+ceDnwhTaelvlLh9WeHxRMRDH5xpGPzlY/xnK0VwyYwjKWa7Hs7s5/FlQcbGQymTCphxQD5PMViY9FNyxeeQLUXUtaB0UHRADDKBm7nkxFfPaktkSnwn+x1XdEunF/A+SxVJUlgKpF91kVMdI8kw9QFHCAsDzu8CZITNNjWdyocSmy+bdeDSOf1sCMFHxmmxIPB3rEBzYeITmri15GkGco4ZTJsKamWUICHx+f0pgLjpCr7a2kzaqm6LQL5n/Q2fuY9+PxuOVKPxchWspzEVyqUIF82sGryPkGaP/e3YqXHK98CdyZsubzxpHa3R/4eaxwoWLET9QWVs2/vtNtdw30EIO62VoeE27JKbBYm55+gcGD01k6XOyZdHv7bkat5Zq5oAV/2ge1xMsmQtOLm/lfjUIJ9oY011VPgDBBAUPgq93C/JvnL9QYrXLUQ4i8qjiW+4lpxlvMFkDQniiw0a5vXok4vWo5kg2/WOZu+NnvN9GtGtjMsr47mXoIOJO0j5Pi87vQtsutExSaoWDqjA0yaAq1aEpIhweA+e6bRMeRn28/BJLAAsxbMuPWIm4gVMl9yqKvzmx/qZdITB1TegjzSw1gSsM2J0NYLz1OO/5euE\u003c/X509Certificate\u003e\u003c/X509Data\u003e\u003c/KeyInfo\u003e\u003c/KeyDescriptor\u003e\u003cKeyDescriptor use=\"signing\"\u003e\u003cKeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"\u003e\u003cX509Data\u003e\u003cX509Certificate\u003eMIIE9DCCAtygAwIBAgIQebWuKC7si7ZEC4lvBvMKyTANBgkqhkiG9w0BAQsFADA2MTQwMgYDVQQDEytBREZTIFNpZ25pbmcgLSBXSU4tQ1RVTlAxQkIxNUQuY3J5cHRyLmxvY2FsMB4XDTI0MDcxMDEwMTAxMVoXDTI1MDcxMDEwMTAxMVowNjE0MDIGA1UEAxMrQURGUyBTaWduaW5nIC0gV0lOLUNUVU5QMUJCMTVELmNyeXB0ci5sb2NhbDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKwWJavCa1+T+HL4ZsT4m7rI6rPyvkOTrzWbncv5UwXRnTqCt3rH3ZWEmyF+p+H4wHe4bfwJ30sNPwN6cwvPaYZYjVTDYJG98Ea3NHJX/hpyfS5v7B9H7Akcnnm+DIa9HHqvAgZWZxQSahEpwa/GTlEEfd7QIE99KrRlepOaVnXv4g4rxKtLIw7V4w4jEJhdSKDDeFBqf5qjUbrPTpj1K0g6t5DOLq4HOAeS7jXNd1/RyUb8eFnv5uqhZcJ+OBq7T5l0SN+5R3vxf7T5cPa6AtD1LaXrLiX+gtAOPX1Rt2LG+B4HM0+y9YSIxL3l6DYuMIrgJ/RlHXRr4LxWWiwqkIvk5y1dgsbl+8S7qvIhccgzHLAekDikgYeze+XORb3+qw4+icVYx0KYq6+SLQUNB+pRFhv5I6G8n2eoKMHdluumoxhE6vXZgfTttnrkXDQLZoenp+tAZDVbc5o6e8ohKbBgeuIBTRhlsTUqfFHKFrUM0RbVykuBdrVBeVMMbDELkb/WbmsnVN08sN+IiS5/dDxlpJBf5HHVAllT3AYBaXPm4vXwh53dpIM/tIUMCdmLzIwsxk1G8XoRPuixfm+QZiJMgkZgcKUGDNb/OsxcJpVIGut0S4Q52v2XyQ3RA7m4fmXiIUUYRnO2dmGd+IfEvr3M/KVKvxhARtTNsILizBnpAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAFTu9rhZaCQVPBqy6ztjT3VccX5B86LwHDUQzg1C2jfxajjVfEt+LQNJmjNO9IWWm+V+Lsx7tdHgGJtXaeZoBk/zTyo+SkEczzKQ3mFjaZa3e/8b/TeH2Dhid5R2MTCyFBTetlEcYMOrDVw4kMjQRd63qZKnSL0eu5bggkp5tane2wIKSoJMexsS8uDCuvVpAQo/8rhSHnE1aRmwRzRM9FAUfPd/jQFYUhVjZrKSDctNuxiVOpjC6ZSetOVsS/e4x1LMeGyCp/qA+O779Ycy58I2rBivB0D24BU3M4F1S58vmmkWaMFWb4NN4B51yfcXbCi93ywf5NaTgW6/KUJy2F2SPORfPeuzXh/MLJoblEROcgJXZUENOtdRznHj/bRLUupPuz0loOlCCl4T6s5AKqVE//NHVNZLxLvtnDScz4qCpV8kzpDENCWU97pQEA0XyodDqusk2tNXL5dHCdBpiiWFS7xWnvJGcYRHIHrNv3P5dNLPv+RuvzmqTkhJkUBXLJU2XJa+0nvprlpyl3JgkLbuy+MrqZozGs3JZxo/3qGm99SCFS3mRWws6SSWG8Z4BC5zw9+O8SKHtWiM2BBWHRC1jks6j03QEN0rVt7ImMO+/Xqt6or3RvFx3XHkFo0WbeI4EKMb2t12pcHc2j/We62Oe9PoRNF7lhjz7IWdi8Dh\u003c/X509Certificate\u003e\u003c/X509Data\u003e\u003c/KeyInfo\u003e\u003c/KeyDescriptor\u003e\u003cSingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://win-ctunp1bb15d.cryptr.local/adfs/ls/\"/\u003e\u003cSingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://win-ctunp1bb15d.cryptr.local/adfs/ls/\"/\u003e\u003cNameIDFormat\u003eurn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\u003c/NameIDFormat\u003e\u003cNameIDFormat\u003eurn:oasis:names:tc:SAML:2.0:nameid-format:persistent\u003c/NameIDFormat\u003e\u003cNameIDFormat\u003eurn:oasis:names:tc:SAML:2.0:nameid-format:transient\u003c/NameIDFormat\u003e\u003cAssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://win-ctunp1bb15d.cryptr.local/adfs/ls/\" index=\"0\" isDefault=\"true\"/\u003e\u003cAssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact\" Location=\"https://win-ctunp1bb15d.cryptr.local/adfs/ls/\" index=\"1\"/\u003e\u003cAssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://win-ctunp1bb15d.cryptr.local/adfs/ls/\" index=\"2\"/\u003e\u003c/SPSSODescriptor\u003e\u003cIDPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"\u003e\u003cKeyDescriptor use=\"encryption\"\u003e\u003cKeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"\u003e\u003cX509Data\u003e\u003cX509Certificate\u003eMIIE+jCCAuKgAwIBAgIQTlq6hPBpvodOM8MqCUSwNDANBgkqhkiG9w0BAQsFADA5MTcwNQYDVQQDEy5BREZTIEVuY3J5cHRpb24gLSBXSU4tQ1RVTlAxQkIxNUQuY3J5cHRyLmxvY2FsMB4XDTI0MDcxMDEwMTAxMloXDTI1MDcxMDEwMTAxMlowOTE3MDUGA1UEAxMuQURGUyBFbmNyeXB0aW9uIC0gV0lOLUNUVU5QMUJCMTVELmNyeXB0ci5sb2NhbDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOMu3PAF55N9Ws9cvdyA2w17sLiHN7bQnjUJuwcRvi9c1j4gnQJ+RXxeOaLxetKKQ4KGu0CI/56Xu1KRlDbfvRy8P6DNQNBvmpS5nDWk6LN5r45HFrEXfoi6ilfKSkSXwau2ByoO2YAhfDNau/Ii6L6YRzA6VrfR6h9MTFc21XQ0R51qcJUzaWVbAjy/TInPCNGFfBEi6ld9gn68XUpeDjeQglf6WEp+aDgLj9M8xITxkQFTGeEcS0+uBH81nSJUgLUVTohkiuNAXAaWntU9CZJSziv9YcA/SBCD8T5viZhDkmWzqfDxK+RagTYOIuZnFiJYs/TIiao6iE3byTsOm5RVj2vL/546l8HIWbkrJXDYVclBUkrIxQ3DdJzykIwNlqfTlYWGOElSfOP6HHCRUa7tikNNUL29X+RQjdq9bJHYQ3jURyP2iqufg+YknWpKakhlTKpK8i0l3kWFS7lA3GNJ40G86sp/SXlSMldt6sq4BmC0SWf30DM5Oj4y0YpY8Xvn0MKYp1UickECgIQaifU7k/T8Ah/ReZyWcamijHS1cNxAyKWmkW4HmlIXBbUMryH+g2IZA4YFlLKygogLMPsoRSCZlqb59cfc8u/X7ZWmnxPEmGhWfCn5CytXPw8wG35VLnSWo46/F0mpPdFG+GRBJwHd6U5Yi1XvMB/BFTa9AgMBAAEwDQYJKoZIhvcNAQELBQADggIBAL+vmhwtW0NIiZwVR5w8R8zlsbif/RQxX8NN1gBlZaznSIOSwgwvOjbmBJOsZYYc+ceDnwhTaelvlLh9WeHxRMRDH5xpGPzlY/xnK0VwyYwjKWa7Hs7s5/FlQcbGQymTCphxQD5PMViY9FNyxeeQLUXUtaB0UHRADDKBm7nkxFfPaktkSnwn+x1XdEunF/A+SxVJUlgKpF91kVMdI8kw9QFHCAsDzu8CZITNNjWdyocSmy+bdeDSOf1sCMFHxmmxIPB3rEBzYeITmri15GkGco4ZTJsKamWUICHx+f0pgLjpCr7a2kzaqm6LQL5n/Q2fuY9+PxuOVKPxchWspzEVyqUIF82sGryPkGaP/e3YqXHK98CdyZsubzxpHa3R/4eaxwoWLET9QWVs2/vtNtdw30EIO62VoeE27JKbBYm55+gcGD01k6XOyZdHv7bkat5Zq5oAV/2ge1xMsmQtOLm/lfjUIJ9oY011VPgDBBAUPgq93C/JvnL9QYrXLUQ4i8qjiW+4lpxlvMFkDQniiw0a5vXok4vWo5kg2/WOZu+NnvN9GtGtjMsr47mXoIOJO0j5Pi87vQtsutExSaoWDqjA0yaAq1aEpIhweA+e6bRMeRn28/BJLAAsxbMuPWIm4gVMl9yqKvzmx/qZdITB1TegjzSw1gSsM2J0NYLz1OO/5euE\u003c/X509Certificate\u003e\u003c/X509Data\u003e\u003c/KeyInfo\u003e\u003c/KeyDescriptor\u003e\u003cKeyDescriptor use=\"signing\"\u003e\u003cKeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"\u003e\u003cX509Data\u003e\u003cX509Certificate\u003eMIIE9DCCAtygAwIBAgIQebWuKC7si7ZEC4lvBvMKyTANBgkqhkiG9w0BAQsFADA2MTQwMgYDVQQDEytBREZTIFNpZ25pbmcgLSBXSU4tQ1RVTlAxQkIxNUQuY3J5cHRyLmxvY2FsMB4XDTI0MDcxMDEwMTAxMVoXDTI1MDcxMDEwMTAxMVowNjE0MDIGA1UEAxMrQURGUyBTaWduaW5nIC0gV0lOLUNUVU5QMUJCMTVELmNyeXB0ci5sb2NhbDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKwWJavCa1+T+HL4ZsT4m7rI6rPyvkOTrzWbncv5UwXRnTqCt3rH3ZWEmyF+p+H4wHe4bfwJ30sNPwN6cwvPaYZYjVTDYJG98Ea3NHJX/hpyfS5v7B9H7Akcnnm+DIa9HHqvAgZWZxQSahEpwa/GTlEEfd7QIE99KrRlepOaVnXv4g4rxKtLIw7V4w4jEJhdSKDDeFBqf5qjUbrPTpj1K0g6t5DOLq4HOAeS7jXNd1/RyUb8eFnv5uqhZcJ+OBq7T5l0SN+5R3vxf7T5cPa6AtD1LaXrLiX+gtAOPX1Rt2LG+B4HM0+y9YSIxL3l6DYuMIrgJ/RlHXRr4LxWWiwqkIvk5y1dgsbl+8S7qvIhccgzHLAekDikgYeze+XORb3+qw4+icVYx0KYq6+SLQUNB+pRFhv5I6G8n2eoKMHdluumoxhE6vXZgfTttnrkXDQLZoenp+tAZDVbc5o6e8ohKbBgeuIBTRhlsTUqfFHKFrUM0RbVykuBdrVBeVMMbDELkb/WbmsnVN08sN+IiS5/dDxlpJBf5HHVAllT3AYBaXPm4vXwh53dpIM/tIUMCdmLzIwsxk1G8XoRPuixfm+QZiJMgkZgcKUGDNb/OsxcJpVIGut0S4Q52v2XyQ3RA7m4fmXiIUUYRnO2dmGd+IfEvr3M/KVKvxhARtTNsILizBnpAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAFTu9rhZaCQVPBqy6ztjT3VccX5B86LwHDUQzg1C2jfxajjVfEt+LQNJmjNO9IWWm+V+Lsx7tdHgGJtXaeZoBk/zTyo+SkEczzKQ3mFjaZa3e/8b/TeH2Dhid5R2MTCyFBTetlEcYMOrDVw4kMjQRd63qZKnSL0eu5bggkp5tane2wIKSoJMexsS8uDCuvVpAQo/8rhSHnE1aRmwRzRM9FAUfPd/jQFYUhVjZrKSDctNuxiVOpjC6ZSetOVsS/e4x1LMeGyCp/qA+O779Ycy58I2rBivB0D24BU3M4F1S58vmmkWaMFWb4NN4B51yfcXbCi93ywf5NaTgW6/KUJy2F2SPORfPeuzXh/MLJoblEROcgJXZUENOtdRznHj/bRLUupPuz0loOlCCl4T6s5AKqVE//NHVNZLxLvtnDScz4qCpV8kzpDENCWU97pQEA0XyodDqusk2tNXL5dHCdBpiiWFS7xWnvJGcYRHIHrNv3P5dNLPv+RuvzmqTkhJkUBXLJU2XJa+0nvprlpyl3JgkLbuy+MrqZozGs3JZxo/3qGm99SCFS3mRWws6SSWG8Z4BC5zw9+O8SKHtWiM2BBWHRC1jks6j03QEN0rVt7ImMO+/Xqt6or3RvFx3XHkFo0WbeI4EKMb2t12pcHc2j/We62Oe9PoRNF7lhjz7IWdi8Dh\u003c/X509Certificate\u003e\u003c/X509Data\u003e\u003c/KeyInfo\u003e\u003c/KeyDescriptor\u003e\u003cSingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://win-ctunp1bb15d.cryptr.local/adfs/ls/\"/\u003e\u003cSingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://win-ctunp1bb15d.cryptr.local/adfs/ls/\"/\u003e\u003cNameIDFormat\u003eurn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\u003c/NameIDFormat\u003e\u003cNameIDFormat\u003eurn:oasis:names:tc:SAML:2.0:nameid-format:persistent\u003c/NameIDFormat\u003e\u003cNameIDFormat\u003eurn:oasis:names:tc:SAML:2.0:nameid-format:transient\u003c/NameIDFormat\u003e\u003cSingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://win-ctunp1bb15d.cryptr.local/adfs/ls/\"/\u003e\u003cSingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://win-ctunp1bb15d.cryptr.local/adfs/ls/\"/\u003e\u003cAttribute Name=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"E-Mail Address\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Given Name\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Name\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"UPN\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.xmlsoap.org/claims/CommonName\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Common Name\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.xmlsoap.org/claims/EmailAddress\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"AD FS 1.x E-Mail Address\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.xmlsoap.org/claims/Group\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Group\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.xmlsoap.org/claims/UPN\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"AD FS 1.x UPN\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/role\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Role\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Surname\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"PPID\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Name ID\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Authentication time stamp\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Authentication method\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Deny only group SID\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Deny only primary SID\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Deny only primary group SID\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Group SID\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Primary group SID\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Primary SID\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Windows account name\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Is Registered User\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/identifier\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Device Identifier\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/registrationid\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Device Registration Identifier\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/displayname\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Device Registration DisplayName\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/ostype\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Device OS type\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/osversion\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Device OS Version\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/devicecontext/claims/ismanaged\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Is Managed Device\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Forwarded Client IP\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Client Application\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Client User Agent\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-ip\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Client IP\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Endpoint Path\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Proxy\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/relyingpartytrustid\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Application Identifier\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/applicationpolicy\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Application policies\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/authoritykeyidentifier\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Authority Key Identifier\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/basicconstraints\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Basic Constraint\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/eku\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Enhanced Key Usage\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/issuer\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Issuer\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/issuername\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Issuer Name\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/keyusage\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Key Usage\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/notafter\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Not After\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/notbefore\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Not Before\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatepolicy\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Certificate Policies\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/rsa\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Public Key\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/rawdata\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Certificate Raw Data\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/san\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Subject Alternative Name\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/ws/2008/06/identity/claims/serialnumber\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Serial Number\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/signaturealgorithm\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Signature Algorithm\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/subject\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Subject\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/subjectkeyidentifier\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Subject Key Identifier\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Subject Name\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplateinformation\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"V2 Template Name\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/extension/certificatetemplatename\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"V1 Template Name\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/thumbprint\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Thumbprint\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/12/certificatecontext/field/x509version\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"X.509 Version\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Inside Corporate Network\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Password Expiration Time\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Password Expiration Days\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/ws/2012/01/passwordchangeurl\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Update Password URL\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/claims/authnmethodsreferences\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Authentication Methods References\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003cAttribute Name=\"http://schemas.microsoft.com/2012/01/requestcontext/claims/client-request-id\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:uri\" FriendlyName=\"Client Request ID\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\"/\u003e\u003c/IDPSSODescriptor\u003e\u003c/EntityDescriptor\u003e"},"sp_id":"communitiz_app_6hPWiTkwbzW3dA9EewHAbE","updated_at":"2024-07-11T08:14:20","users_access_policy":"provision_new_users"}],"pagination":{"current_page":1,"current_pages":[1,2,3,4,5],"next_page":2,"per_page":3,"prev_page":1,"total_pages":5},"total":14}