• sunshiva
  • NEWBIE
  • 0 Points
  • Member since 2013

  • Chatter
    Feed
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 1
    Questions
  • 0
    Replies

Hello All

 

I was looking for some help with regards to configuring additional attributes that can be passed in a SAML response.

 

I have a working solution with SalesForce acting as IdP however i would like to change the SAML assertion to include additional attributes

 

Currently, the default attributes included in the SAML response are userId, username, email, is_portal_user

 

<saml:AttributeStatement>
<saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="userId">
<saml:AttributeValue xsi:type="xs:anyType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema">xxxx</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="username">
<saml:AttributeValue xsi:type="xs:anyType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema">xxxx</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="email">
<saml:AttributeValue xsi:type="xs:anyType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema">xxxx</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="is_portal_user">
<saml:AttributeValue xsi:type="xs:anyType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema">false</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>

 

How do i include additional attributes in this response?

 

Thanks

 

Shiva