Problem statement
The default mapping options on an application that uses the SAML web addon are the following:
{
"user_id": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
"email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
"name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
"given_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
"family_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname",
"upn": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn",
"groups": "http://schemas.xmlsoap.org/claims/Group"
}
These properties are added even though other properties are being added in the Action. When using rules, the behavior is different. Adding properties from within rules would not display those properties.
Solution
As a workaround, so the default mapping is not used, add an empty mapping on the addon by following the steps in the following document:
Enable SAML2 Web App AddonBe sure to set properties mapped on the actions that will be shown.