IBM Security Access Manager V9.0 Deployment — Question 35
IBM Security Access Manager V9.0 will be configured as Service Provider (SP) in a SAML Federation. The same user that logs in at the Identity Provider (IdP) will be logged in on the SP side after the Single Sign-On, for example UserA on IdP will be UserA on the SP side.
Which name identifier format meets this requirement?
Answer options
- A. transient
- B. persistent
- C. principalName
- D. emailAddress
Correct answer: D
Explanation
The correct answer is D, emailAddress, as it allows for consistent identification of users across different systems by using their email as a unique identifier. Options A (transient) and B (persistent) do not provide a reliable means of maintaining the same user identity across the IdP and SP, while C (principalName) may not be universally applicable across all implementations.