IdentityServer / IdentityServer2

[deprecated] Thinktecture IdentityServer is a light-weight security token service built with .NET 4.5, MVC 4, Web API and WCF.

SAML 1.1 ClaimType Error #801

Closed btormey closed 9 years ago

btormey commented 9 years ago

I set up a Relying Party to accept SAML v2.0 tokens and added claims to the SignIn() method. This seemed to work perfectly fine, but when I found out the client only accepted SAML v1.1 tokens, I switched the token type of the Relying Party to SAML 1.1. Now I seem to be getting an error stating:

ID4216: The ClaimType 'FirstName' must be of format 'namespace'/'name'. Parameter name: claimType

Is there something that needs to be adjusted now when creating claims?

I am currently creating them like

var claims = new List<Claim>
{
    new Claim("FirstName", "My First Name"),
};

leastprivilege commented 9 years ago

The error is pretty explicit ;)

try

new Claim("http://myclaims/firstName", "foo");

btormey commented 9 years ago

Two questions.

  1. Isn't that already specified in the federation metadata such as
     <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://identityserver.thinktecture.com/claims/profileclaims/firstname"/>
  2. Why is this change necessary for SAML 1.1, but not needed for SAML 2.0?

leastprivilege commented 9 years ago

SAML 1.1 is different to SAML 2.0 - that's why ;)
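
Added example, not part of the thread or of IdentityServer's code: a SAML 1.1 `<saml:Attribute>` carries `AttributeNamespace` and `AttributeName` as two separate XML attributes, while SAML 2.0 uses a single `Name`, so for SAML 1.1 a claim type has to split into two non-empty parts at its last `/`. The class and method names and the `http://myclaims` default namespace below are assumptions made for this sketch.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

static class Saml11ClaimTypes
{
    // Hypothetical default namespace for this sketch; use a URI you control.
    const string DefaultNamespace = "http://myclaims";
    // SAML 1.1 needs AttributeNamespace and AttributeName separately,
    // so a claim type must split into two non-empty parts at its last '/'.
    public static bool TrySplit(string claimType, out string ns, out string name)
    {
        ns = name = null;
        if (string.IsNullOrEmpty(claimType)) return false;
        int i = claimType.LastIndexOf('/');
        if (i <= 0 || i == claimType.Length - 1) return false;
        ns = claimType.Substring(0, i);
        name = claimType.Substring(i + 1);
        return true;
    }

    // Leaves well-formed types alone; prefixes bare names such as "FirstName".
    public static Claim Normalize(Claim c)
    {
        string ns, name;
        if (TrySplit(c.Type, out ns, out name)) return c;
        if (string.IsNullOrEmpty(c.Type) || c.Type.Contains("/"))
            throw new ArgumentException("Cannot map claim type '" + c.Type + "'");
        return new Claim(DefaultNamespace + "/" + c.Type, c.Value, c.ValueType, c.Issuer);
    }
}
static class Program
{
    static void Main()
    {
        var claims = new List<Claim>
        {
            new Claim("FirstName", "My First Name"),        // bare name from the question
            new Claim("http://myclaims/firstName", "foo"),  // form suggested in the reply
        };
        foreach (var c in claims.Select(Saml11ClaimTypes.Normalize))
        {
            string ns, name;
            Saml11ClaimTypes.TrySplit(c.Type, out ns, out name);
            Console.WriteLine("AttributeNamespace=" + ns + " AttributeName=" + name);
        }
    }
}
```

Running the normalization before claims reach the token handler keeps a Relying Party working when its token type is switched between SAML 2.0 and SAML 1.1.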