Problem Statement
We are not able to retrieve the family_name attribute from their google enterprise connection. In google side they see the following:
{
[...]
"id": "<ID>",
"primaryEmail": "<PrimaryEmail>",
"name": {
"givenName": "<GivenName>",
"familyName": "<familyName>",
"fullName": "<fullName>"
},
But when trying to manipulate one of the passed values from their IdP (family_name) they get the following error (in the tenant logs):
{
[...]
"type": "f",
"description": "Family name not set in IDP response.",
[...]
}
because the family_name is undefined and caused in the rule:
if ( typeof( user.family_name ) === "undefined" ) {
return callback( new Error( 'Family name not set in IDP response.' ));
}
Solution
Our Engineering team checked this issue. This seems to be due to a wrong mapping in the google-apps strategy on our end. We will update this FAQ once further details are available.