What defines the IdP endpoint that accepts Simple Object Access Protocol (SOAP) queries in a SAML configuration?

The IdP endpoint that accepts Simple Object Access Protocol (SOAP) queries in a SAML configuration is defined by the Attribute Query URL. In the context of SAML, the Identity Provider (IdP) may need to provide specific attributes about a user to the Service Provider (SP) upon request. This is done through SOAP-based messages that leverage the Attribute Query format, which allows the SP to request such attributes from the IdP.

The Attribute Query URL is specifically designed to handle these requests and is structured to accept SOAP messages. This makes it the foremost choice for querying user attributes in a SAML setup, enabling efficient communication between the SP and IdP to ascertain user-specific details as needed.

Other options pertain to different functionalities within SAML configurations but do not serve the specific role of processing SOAP queries for user attribute retrieval. For instance, the SAML Endpoint URL typically refers to the endpoint used for handling SAML assertions rather than specific SOAP requests. The User Info Endpoint is generally used in OAuth contexts for accessing user data rather than in direct SAML attribute queries. The Token Validation URL is focused on verifying tokens in authentication flows and is unrelated to fetching user attributes in the manner outlined by the Attribute Query.