This article will go over setting up User Attribute Mappings using SAML 2.0 and provide some Tips to make this process easier.
This article is assuming you are able to get a successful test connection page. You will not get a successful test connection when using IDP initiated SSO.
- Select Test connection so it opens in a new Tab you should see something similar to the following
- There are 2 Columns in this page the left Column is the Attribute Label and the right is the Attribute Value
- Now in the SSO Setup Page Open the Map User Attributes Page
- Set the Directory Attribute to the Attribute Label as it is shown EXACTLY on the test connection Page
- The above test connection will map as follows.
THINGS TO NOTE.
1. Notice the Directory Attribute for Email and Surname is the full URL as shown in the test connection. This is because it has to Match Exactly as it is shows in the Test connection page Simple putting mail would not work.
2. The default Value field is left blank because it is only used if no value is being passed as the directory attribute