An implementation that supports the Generic SAML Assertion Identity Negotiation Association Profile shall send/accept the User Identity association negotiation sub-item, for User-Identity-Type of 4. If a positive response is requested, the association acceptor implementation shall respond with the association response sub-item containing a SAML response. The SAML Assertion information shall be made available to internal or external authentication systems. The user identity shall be authenticated by means of an authentication system that employs SAML Assertions. If the authentication fails, the association shall be rejected.
The user identity from the Primary-field shall be used within the implementation as the user identification. Such uses include recording user identification in audit messages.
Table B.7-1Minimum Mechanisms for DICOM Association Negotiation Features
|Supported Association Negotiation Feature||Minimum Mechanism|
|User Identity||SAML Assertion|