Mapping the 'name' SAML Attribute

Problem statement

When creating a SAML connection there is a mappings tab which allows setting incoming Identity Provider (IdP) SAML Attributes to an Auth0 profile. When attempting to update the ‘name’ attribute that is used by Auth0 in the user profile, the ‘name’ attribute doesn’t update. The mappings looks like this:

{
  "name": "http://schemas.saml-idp-claim.com/newClaim""
}

Note, other attributes seem to allow mapping as expected. For example the following mapping will successfully update the user profile’s ‘given_name’ attribute with a different incoming SAML Attribute:

{
  "given_name": "http://schemas.saml-idp-claim.com/newClaim2""
}

Steps to reproduce

Steps that can be taken to recreate the problem.

  • Have a functioning SAML connection
  • Attempt to target the ‘name’ attribute in the ‘mappings’ tab to a different attribute
  • Complete a login and examine the user profile in Auth0, the ‘name’ attribute will be unchanged

Cause

Currently, it is not possible to overwrite what the ‘name’ attribute is set as from the Service Provider (SP) side. Auth0 will use whatever value the IdP sends for the ‘name’ attribute. It is possible that the IdP could update, on their end, what value is sent for the ‘name’.

Solution

If the ‘name’ attribute needs to be set to a particular value, work with the IdP to ensure the expected value is being sent for that attribute.