Saml2 Attributes_Map, email and username attributes don't work

Question

Saml2 Attributes_Map, email and username attributes don't work

pbaiges opened this issue 2 years ago · 2 comments

'ATTRIBUTES_MAP': { 
    'email': 'mail',
    'username': 'eduPersonPrincipalName',
    'first_name': 'givenName',
    'last_name': 'sn',
    'token': False,  # Mandatory, can be unrequired if TOKEN_REQUIRED is False
    'groups': 'Groups',  # Optional

In the settings.py file, it does not get the assignment of the email and username attributes correctly. We have tried to change and put our "mail" attribute in the first_name section that works and it correctly assigns the mail but in the "email" saml attribute you put the "mail" and it does not assign anything. The same goes for the "username" attribute.

Answer 1 · 2023-04-28T13:26:54.000Z

Hey @pbaiges,

you can see the decoded SAML response by using SAML-tracer extension for Chrome or Firefox to see which attributes are being passed to your application and whether they have values or not. Then you can map them properly. Also, be aware of namespaces, as they might be added to the attribute(s) in the SAML response. In which case, you must add the namespace as a prefix to the attribute in the ATTRIBUTES_MAP. Note that if you use namespaces, then you might run into this issue.

Answer 2 · 2023-05-31T09:33:05.000Z

@pbaiges

I suppose this is resolved. Freel free to re-open it if your question still stands.