Hi!
I’m trying to return claims to a SAML2-client that include a custom claim “https://myapp.example.com/favorite_color”.
The response returned to the client contains a claim with a name containing semicolons, like “http://schemas.auth0.com/https://myapp;example;com/favorite_color” or “https://myapp;example;com/favorite_color”, depending on the mapUnknownClaimsAsIs setting. See code and result below.
Questions:
- How do I set a custom namespaced claim in my onExecutePostLogin-action?
- Are there any other settings I need to set on my application?
Code:
exports.onExecutePostLogin = async (event, api) => {
  const namespace = 'https://myapp.example.com';
  if (event.authorization) {
    // Set claims
    api.idToken.setCustomClaim(`${namespace}/favorite_color`, 'blue');
  }
};
Result (first with mapUnknownClaimsAsIs=true):
<saml:Attribute Name="https://myapp;example;com/favorite_color" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
  <saml:AttributeValue xsi:type="xs:string">blue</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="http://schemas.auth0.com/https://myapp;example;com/favorite_color">
  <saml:AttributeValue xsi:type="xs:string">blue</saml:AttributeValue>
</saml:Attribute>