OIDC Enterprise Connection Does Not Call /userinfo Endpoint

rueben.tiow · February 21, 2024, 2:43am

Problem statement

This article addresses the situation in which an IDP does not share user claims in the id_token.

Cause

The context.userinfo object is not mapped.

Solution

Okta’s new OIDC/Okta attribute/claims mapping function will automatically call the /userinfo endpoint if the source of a data element is mapped from context.userinfo object.

Navigate to Dashboard > Authentication > Enterprise and choose the OIDC provider.
Set the User Mapping accordingly. Refer to the Group claim mapping documentation.

For example:

Topic		Replies	Views
Claim Mapping for OIDC Connections Help connections , oidc-enterprise-connection	2	1505	August 17, 2023
Get/map claims from Okta - Enterprise Connection Help groups , claims , okta , enterprise-connectio	3	4286	March 2, 2023
Mapping Idp Id Token Claims to User prifle Help connections , oidc-enterprise-connection	0	1274	August 2, 2023
OIDC enterprise connection claim mapping Help	4	5109	September 19, 2019
User endpoint in ManagementAPI not returning idp tokens Help management-api , users	4	967	October 20, 2023

OIDC Enterprise Connection Does Not Call /userinfo Endpoint

Problem statement

Cause

Solution

Related References

Related Topics