Problem statement
This article addresses the situation in which an identity provider (IdP) does not share user claims in the id_token.
Cause
The context.userinfo object is not mapped.
Solution
Okta’s new OIDC/Okta attribute/claims mapping function will automatically call the /userinfo endpoint if the source of a data element is mapped from the context.userinfo object.
- Navigate to Dashboard > Authentication > Enterprise and choose the OIDC provider.
- Set the User Mapping accordingly. Refer to the Group claim mapping documentation.
For example:
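To work out which attributes need a context.userinfo source before setting the User Mapping, the following added Python check (not part of the original article or of Okta's tooling) compares a captured id_token with the IdP's /userinfo response. The function names, the claim list and the sample token and response are constructed for illustration; the sub comparison follows OIDC Core section 5.3.2.

```python
import base64
import json

def _b64url(obj):
    """Encode a dict as an unpadded base64url JSON segment (sample builder)."""
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def jwt_payload(token):
    """Decode the payload of a compact JWT. Inspection only: no signature check."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(seg))

def plan_claim_sources(id_token, userinfo, wanted):
    """Return {claim: 'id_token' | 'context.userinfo' | 'missing'}."""
    claims = jwt_payload(id_token)
    # OIDC Core 5.3.2: a UserInfo response whose sub differs from the
    # id_token sub must not be used.
    if not claims.get("sub") or userinfo.get("sub") != claims["sub"]:
        raise ValueError("userinfo sub does not match id_token sub")
    plan = {}
    for name in wanted:
        if name in claims:
            plan[name] = "id_token"
        elif name in userinfo:
            plan[name] = "context.userinfo"  # only /userinfo carries it
        else:
            plan[name] = "missing"  # the IdP releases it in neither place
    return plan

# Constructed sample data (not from a real IdP).
SAMPLE_ID_TOKEN = ".".join([
    _b64url({"alg": "RS256", "typ": "JWT"}),
    _b64url({"iss": "https://idp.example", "sub": "u-123", "aud": "client-1"}),
    "constructed-signature",
])
SAMPLE_USERINFO = {"sub": "u-123", "email": "ana@example.com", "groups": ["admins"]}

if __name__ == "__main__":
    wanted = ["sub", "email", "groups", "department"]
    plan = plan_claim_sources(SAMPLE_ID_TOKEN, SAMPLE_USERINFO, wanted)
    for claim, source in plan.items():
        print(f"{claim}: {source}")
```

A claim reported as missing points to the IdP's scope or claim release configuration rather than to the mapping.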