Description
If an STS client sends a validate binding request to the STS it can ask to "transform" the token by setting the tokenType element. If the tokenType element is SAML it is not supported to add claims information to the issued SAML token. The STS should support the Claims element in the RST either as a child of the RST or in the SecondaryParameters element.