How do I override the issuer (audience claim) in a rule for SAML2


When i look at the debug window for a SAML2 webapp I notice the issuer is not correct, What is the correct javascript rule syntax to fix this?

I have in my SAML assertion: saml:Issuerurn:not-what-i-expected</saml:Issuer>

And tried:

function (user, context, callback) {

user.awsRole = ‘arn:aws:iam::983623687068:role/auth0-saml-role,arn:aws:iam::983623687068:saml-provider/auth0-saml’;
user.awsRoleSession = ;

context.samlConfiguration.mappings = {


callback(null, user, context);

And restested the saml webap debug, but the issuer remains the same