Hi,
Currently, I’m using Auth0 as an IdP for login via SAML. The client requires first_name and last_name attributes. The SAML assertion doesn’t contain these attributes. I tried the following, but it still doesn’t work:
```json
{
  "mappings": {
    "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
    "given_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
    "family_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
  },
  "mapUnknownClaimsAsIs": true
}
```
Thanks in advance. Please help with this.
Hi Adnan-kamili,
Did you solve this? I’m having the same problem.
I’d like to be able to add custom attributes to the mappings keys, but I can’t. I also tried adding a rule, but it doesn’t work either.
The SAML configuration:
```json
{
  "audience": "https://<domain>/sso/acs/",
  "recipient": "https://<domain>/sso/acs/",
  "mappings": {
    "user_email": "user.email",
    "user_first_name": "user.user_metadata.given_name",
    "user_last_name": "user.user_metadata.family_name",
    "token": "client_metadata.token"
  },
  "createUpnClaim": true,
  "passthroughClaimsWithNoMapping": true,
  "mapUnknownClaimsAsIs": true,
  "mapIdentities": true,
  "signatureAlgorithm": "rsa-sha256",
  "digestAlgorithm": "sha256",
  "destination": "https://<domain>/sso/acs/",
  "lifetimeInSeconds": 60,
  "signResponse": true,
  "typedAttributes": false,
  "includeAttributeNameFormat": true,
  "nameIdentifierFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailaddress",
  "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
}
```
The rule:
```js
function mapSamlAttributes(user, context, callback) {
  context.samlConfiguration.mappings = {
    user: {
      email: user.email,
      first_name: user.user_metadata.given_name,
      last_name: user.user_metadata.family_name,
    },
    token: context.clientMetadata.token,
  };
  callback(null, user, context);
}
```