A Moonshot Identity Provider can release information about the user that is being authenticated through the use of SAML embedded in the RADIUS traffic. This page lists the options available to an Identity Provider administrator to achieve this.

Currently, Option 1 is the preferred option as it presents the most flexible and capable solution. Option 2 lacks flexibility, and Option 3 has undesirable implications for managing attribute release.

Option 1 - Using the ABFAB IDP/RPP FreeRadius modules

Option 2 - Issuing SAML Assertions hard-coded in the RADIUS Server

Option 3 - Using an existing SAML Identity Provider

Option 4 - Using SAML components co-located on the RADIUS server