SAML Custom Attribute Mapping


I defined a custom attribute in OKTA SAML assertion and setup a SAML connection in AUTH0. The attribute and value is added into user profile JSON raw object once the login is completed but when I try to read its value during the execution of a postLogin action the first time an Okta user logs-in it appears undefined in event.user object.

I also tried to map the SAML assertion attribute to the user_metadata using the mapping panel in the connection setup screen but didn’t work. It seems this was possible using rules but not from Authentication → Enterprise → [SAML Connection] → Mappings.


“user_metadata.my_attribute”: “okta_saml_attribute”

Does anybody know if this is possible?

1 Like

I’m having the same problem but with auth0 as a SP and as an IDP. I can see that the attribute has been added to the user in raw_json, but can’t access it in the onExecutePostLogin which means I can’t add it it to app_metadata nor user_metadata.

p-tal is the SAML attribute:

The enterprise config maps it like this:

My auth0 IDP maps the attribute like this:

1 Like