The ‘givenname’ and ‘surname’ are missing from the SSO attributes

Help
, ,
1

Hello Community,

My notes on this:

From the Applications screen on the Dashboard Selected the web application:

image001-2
image001-21050×435 54 KB

Then selected Settings tab and scrolled to advanced settings expanded that and selected Endpoints:

image002
image002960×917 67.3 KB

Took the SAML Metadata URL and viewed the page: (redacted some data.)

<SingleLogoutService Binding=“urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect” Location=/>

<SingleLogoutService Binding=“urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST” Location=/>

urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress

urn:oasis:names:tc:SAML:2.0:nameid-format:persistent

urn:oasis:names:tc:SAML:2.0:nameid-format:transient

<SingleSignOnService Binding=“urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect” Location=/>

<SingleSignOnService Binding=“urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST” Location=/>

This shows Attributes named

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname

When testing the Single Sign On the attributes seen are: (redacted some data.)

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier = auth0|

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress= support@complisoft.com

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name = support@complisoft.com

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn = support@complisoft.com

http://schemas.auth0.com/identities/default/connection = Username-Password-Authentication

http://schemas.auth0.com/identities/default/provider = auth0

http://schemas.auth0.com/identities/default/issocial = false

http://schemas.auth0.com/clientid =

http://schemas.auth0.com/created_at = Tue Mar 01 2022 13:14:47 GMT+0000 (Coordinated Universal Time)

http://schemas.auth0.com/email_verified = true

http://schemas.auth0.com/nickname = support

http://schemas.auth0.com/picture = https://s.gravatar.com/avatar/e915aafad6d134e53a53a3e272e529c5?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fsu.png

http://schemas.auth0.com/updated_at = Wed Mar 02 2022 09:34:01 GMT+0000 (Coordinated Universal Time)

The ‘givenname’ and ‘surname’ are missing

Were will I be able to find this?

Regards,
Vashan

2

Do the following:

Applications → Select Application that has SSO configures → Addons → SAML 2 → Settings

{
  ...all your settings
  "mappings": {
    "user_id": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
    "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
    "name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
    "nickname": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
  }
}

See that name and nickname are mapped to givenname (http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname) and surname (http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname).

You can map any property from user profile to these. For SSO to work we need these properties in our auth0 user, and map them respectively.

3

Thank you for providing solution to this topic @hassanmunir!

Dawid

4

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.