Auth0 As service provider default claim mapping

I have set up a test SAML connection with Auth0 acting as the service provider.

I am having trouble finding documentation that tells you the default claim mapping Auth0 uses to generate users when they initially log in.

It looks like <saml2:NameID Format="urn:oasis:names:tc:SAML:1.0:nameid-format:unspecified"> was used as the user_id, but that contradicts what is said in this article:

  • User Id Attribute : The attribute in the SAML token that will be mapped to the user_id property in Auth0. If not set, then the user_id will be retrieved from the following (in listed order):

Does this mean that other name ID formats would work? E.g.: urn:oasis:names:tc:SAML:2.0:nameid-format:transient

I also noticed that sending <saml2:Attribute Name=""… correctly maps to the user's first name, but cannot find that documented anywhere.

The default mapping is not documented anywhere at the moment. Here’s the mapping we use internally:

  'user_id': [
  'email': '',
  'name': '',
  'given_name': [
  'family_name': '',
  'groups': ''

Any mappings you add in the SAML connection will extend this default mapping.
