The ‘givenname’ and ‘surname’ are missing from the SSO attributes

Hello Community,

My notes on this:

From the Applications screen on the Dashboard, selected the web application:

Then selected the Settings tab, scrolled to Advanced Settings, expanded that and selected Endpoints:

Took the SAML Metadata URL and viewed the page: (redacted some data.)

<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location=/>

<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location=/>

urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress

urn:oasis:names:tc:SAML:2.0:nameid-format:persistent

urn:oasis:names:tc:SAML:2.0:nameid-format:transient

<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location=/>

<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location=/>

This shows Attributes named

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname

When testing the Single Sign On the attributes seen are: (redacted some data.)

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier = auth0|

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress = support@complisoft.com

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name = support@complisoft.com

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn = support@complisoft.com

http://schemas.auth0.com/identities/default/connection = Username-Password-Authentication

http://schemas.auth0.com/identities/default/provider = auth0

http://schemas.auth0.com/identities/default/issocial = false

http://schemas.auth0.com/clientid =

http://schemas.auth0.com/created_at = Tue Mar 01 2022 13:14:47 GMT+0000 (Coordinated Universal Time)

http://schemas.auth0.com/email_verified = true

http://schemas.auth0.com/nickname = support

http://schemas.auth0.com/picture = https://s.gravatar.com/avatar/e915aafad6d134e53a53a3e272e529c5?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fsu.png

http://schemas.auth0.com/updated_at = Wed Mar 02 2022 09:34:01 GMT+0000 (Coordinated Universal Time)

The ‘givenname’ and ‘surname’ are missing

Where will I be able to find this?

Regards,
Vashan

Do the following:

Applications → Select Application that has SSO configured → Addons → SAML 2 → Settings

{
  ...all your settings
  "mappings": {
    "user_id": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
    "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
    "name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
    "nickname": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
  }
}

See that name and nickname are mapped to givenname (http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname) and surname (http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname).

You can map any property from the user profile to these. For SSO to work we need these properties in our Auth0 user, and map them respectively.
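
A check for the symptom in the question, as an added example that is not part of the original posts: it parses a SAML assertion and lists the required claims that are absent or empty. The sample assertions, the required-claim list and the helper names are constructed assumptions.

```python
import xml.etree.ElementTree as ET

NS = "urn:oasis:names:tc:SAML:2.0:assertion"
CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"

# Assumption: the claims the service provider needs in order to provision a user.
REQUIRED = [CLAIMS + n for n in ("emailaddress", "givenname", "surname")]


def build_assertion(attrs):
    """Build a minimal, unsigned assertion (constructed test data only)."""
    root = ET.Element(f"{{{NS}}}Assertion")
    stmt = ET.SubElement(root, f"{{{NS}}}AttributeStatement")
    for name, value in attrs.items():
        attr = ET.SubElement(stmt, f"{{{NS}}}Attribute", Name=name)
        ET.SubElement(attr, f"{{{NS}}}AttributeValue").text = value
    return ET.tostring(root, encoding="unicode")


def read_attributes(assertion_xml):
    """Return {attribute name: [values]} for every Attribute in the assertion."""
    # For assertions from the network, parse with defusedxml and verify the
    # signature before trusting any value; this sketch checks presence only.
    root = ET.fromstring(assertion_xml)
    found = {}
    for attr in root.iter(f"{{{NS}}}Attribute"):
        values = [v.text or "" for v in attr.findall(f"{{{NS}}}AttributeValue")]
        found.setdefault(attr.get("Name"), []).extend(values)
    return found


def missing_claims(assertion_xml, required=REQUIRED):
    """List required claims that are absent or carry only empty values."""
    found = read_attributes(assertion_xml)
    return [c for c in required if not any(v.strip() for v in found.get(c, []))]


# Constructed sample shaped like the attributes listed in the question.
BEFORE = build_assertion({
    CLAIMS + "nameidentifier": "auth0|placeholder-id",
    CLAIMS + "emailaddress": "user@example.com",
    CLAIMS + "name": "user@example.com",
    CLAIMS + "upn": "user@example.com"})
# Constructed sample assuming the "mappings" block above is in effect.
AFTER = build_assertion({
    CLAIMS + "nameidentifier": "auth0|placeholder-id",
    CLAIMS + "emailaddress": "user@example.com",
    CLAIMS + "givenname": "user@example.com",   # profile "name"
    CLAIMS + "surname": "user"})                # profile "nickname"

if __name__ == "__main__":
    print("before:", missing_claims(BEFORE))
    print("after: ", missing_claims(AFTER))
```

With the mapping above, givenname carries whatever the profile's name field holds (an e-mail address in the question's output), so check the values as well as their presence.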

Thank you for providing the solution to this topic @hassanmunir!

Dawid
