Just created a SAML connection, and the users are logging in and showing up as Empty (empty) in the user logs. Namely, I want the email attribute, which is missing.
I realize this is probably a SAML attribute mapping issue, so I follow the guides that mention SAML attribute mapping. I look at one user’s raw JSON:
{
  "authenticationmethod": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
  "created_at": "yyyy-mm-dd...",
  "identities": [
    {
      "user_id": "connection_name|abc@example.com",
      "provider": "samlp",
      "connection": "connection_name",
      "isSocial": false
    }
  ],
  "issuer": "...",
  "name": "",
  "nameIdAttributes": {
    "value": "abc@example.com",
    "Format": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
  },
  "nickname": "",
  "picture": "https://cdn.auth0.com/avatars/default.png",
  "sessionIndex": "...",
  "updated_at": "2020-11-17T00:57:27.908Z",
  "user_id": "samlp|connection_name|abc@example.com",
  ...
}
So what I think I want to do is to add a custom mapping to the SAML connection. The email attribute is at nameIdAttributes[value], so I try to put the following in the mapping JSON:
{
  "email": "nameIdAttributes"["value"]
}
But the editor won’t allow me to save as it’s not valid JSON. Is there another way to get the email attribute? I see that it’s also part of the user_id (“abc@example.com”) - is there a way to get the email out of the user_id?
Would appreciate any pointers here! Thanks.