Map SAML Attribute Statements received from an external IdP and convert them to claims

Hello,

We have Auth0 connected in SP mode to an external SAML IdP and Auth0 is set up to call back our application using OIDC.

Question: How do we map the user’s attribute statements from IdP as OIDC claims or custom attributes to our app?

In the connection settings screen (popup) there’s a mappings option that will let you configure how each SAML attribute in the assertion will be mapped in terms of user profile attributes. If the information to be mapped is associated with standard OIDC information like user name and email address information then you can map to user profile attributes with the same name as the OIDC claims (name, email, etc).

With the above your application can just ensure that the proper OIDC scopes (openid profile email) are set in order to receive the standard information. If there’s additional information you will map it to other attributes per your naming preference and then can include that data in ID tokens by configuring a rule that adds them as custom claims (https://auth0.com/docs/scopes/current/custom-claims).

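The rule step described in the answer above, as an added example that is not part of the original thread: an Auth0 rule that copies an allowlist of mapped SAML attributes into namespaced custom claims on the ID token, only for logins through one connection. The connection name, claim namespace, attribute names and length limits are assumptions for illustration.

```javascript
// Added example: an Auth0 rule. Values marked "assumed" are not from the thread.
function addSamlAttributesToIdToken(user, context, callback) {
  const CONNECTION = 'partner-saml';            // assumed SAML connection name
  const NAMESPACE = 'https://app.example.com/'; // assumed namespace for custom claims
  // Allowlist: profile attribute (as named in the connection mappings) -> claim name.
  const CLAIM_MAP = { department: 'department', employee_id: 'employee_id', groups: 'groups' };

  // Accept only short, non-empty strings; anything else is dropped.
  const cleanString = (v) => {
    if (typeof v !== 'string') return undefined;
    const s = v.trim();
    return s.length > 0 && s.length <= 256 ? s : undefined;
  };
  // Accept a string or an array of strings (multi-valued SAML attributes).
  const normalize = (v) => {
    if (Array.isArray(v)) {
      const items = v.map(cleanString).filter((s) => s !== undefined).slice(0, 50);
      return items.length > 0 ? items : undefined;
    }
    return cleanString(v);
  };

  // Attributes asserted by any other connection are not forwarded as claims.
  if (context.connection !== CONNECTION) {
    return callback(null, user, context);
  }

  context.idToken = context.idToken || {};
  for (const [attr, claim] of Object.entries(CLAIM_MAP)) {
    const value = normalize(user[attr]);
    if (value !== undefined) {
      context.idToken[NAMESPACE + claim] = value;
    }
  }
  return callback(null, user, context);
}

// Constructed sample profile, as it might look after the connection mappings ran.
const sampleUser = { department: ' Finance ', employee_id: 'E-1001',
                     groups: ['staff', 42, ''], role: 'admin' };
addSamlAttributesToIdToken(sampleUser, { connection: 'partner-saml', idToken: {} },
  (err, user, context) => console.log(context.idToken));
```

Because only allowlisted attributes are copied, anything else the IdP asserts (such as `role` in the constructed sample) stays out of the token unless it is added to `CLAIM_MAP` deliberately.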