Return user attributes from the Access Manager registry

Before performing an authorization decision, the Access Manager client retrieves user information or attributes from the Access Manager user registry.

A standard set of user attributes and other relevant information is compiled into an Access Manager credential. The following data are examples of the attributes in a credential.
  • User group membership
  • User distinguished name
  • Access Manager UUID
  • Access Manager client version
  • IP address
When you configure the Access Manager client to return user attributes, the attributes are returned to the AAA context as XML nodes in the postprocessing phase. The <TAMAttributes> node contains the attributes.
<container>
…
  <TAMAttributes>
    <attributes>
      <attribute>
        <name>AZN_CRED_AUTHZN_ID</name>
        <value>jdoe</value>
      </attribute>
      …
    </attributes>
  </TAMAttributes>