SAML Custom Attribute Mapping

Hi,

I defined a custom attribute in the Okta SAML assertion and set up a SAML connection in Auth0. The attribute and value are added into the user profile JSON raw object once the login is completed, but when I try to read its value during the execution of a postLogin action the first time an Okta user logs in, it appears undefined in the event.user object.

I also tried to map the SAML assertion attribute to the user_metadata using the mapping panel in the connection setup screen, but it didn’t work. It seems this was possible using rules but not from Authentication → Enterprise → [SAML Connection] → Mappings.

I.e.

{
  "user_metadata.my_attribute": "okta_saml_attribute"
}

Does anybody know if this is possible?

1 Like

I’m having the same problem but with Auth0 as an SP and as an IDP. I can see that the attribute has been added to the user in raw_json, but can’t access it in the onExecutePostLogin, which means I can’t add it to app_metadata nor user_metadata.

p-tal is the SAML attribute:

The enterprise config maps it like this:

My auth0 IDP maps the attribute like this:

1 Like

Did you manage to figure this out?

I am having the same issue. Really annoying that they don’t simply give you the raw user in the post login action or a simple way to map into the app_metadata fields.

After further Google searching, this thread provides a solution. Not a good solution, just a solution!