Any documentation or examples on how to use the new property "Synchronized Attributes (~synchronizeAttributes)"?
Assume the SAML attribute name for email is officialemail and you want to map it to the CQ email. The syntax would be officialemail=profile/email
Hi Sham,
I have a query related to the same thread.
I have users saved in the path as
/home/users/a/
where a represents the first letter of the email address.
How do I save other properties for this user, like name and surname, using synchronized attributes?
\Amit
Thanks, I gave that a go, mine being mail=profile/email
The rep:User node is being created, but the profile node is not.
This is on a Publish instance.
Amit sharma wrote...
Hi Sham,
I have a query related to the same thread.
I have users saved in the path as
/home/users/a/
where a represents the first letter of the email address.
How do I save other properties for this user, like name and surname, using synchronized attributes?
\Amit
You need to map the synchronize attribute in the Felix console as shown at [img]https://helpx.adobe.com/experience-manager/kb/saml-demo/_jcr_content/main-pars/image_18.img.png/Logo...
MorisTM wrote...
Thanks, I gave that a go, mine being mail=profile/email
The rep:User node is being created, but the profile node is not.
This is on a Publish instance.
In the SAML response, do you see the mail attribute?
Yes I see the following:
<saml2:AttributeStatement>
  <saml2:Attribute FriendlyName="uid"
                   Name="uid"
                   NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
    <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                          xsi:type="xs:string">user.2</saml2:AttributeValue>
  </saml2:Attribute>
  <saml2:Attribute FriendlyName="mail"
                   Name="urn:oid:0.9.2342.19200300.100.1.3"
                   NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
    <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                          xsi:type="xs:string">user.2@maildomain.net</saml2:AttributeValue>
  </saml2:Attribute>
  <saml2:Attribute FriendlyName="group"
                   Name="group"
                   NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
    <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                          xsi:type="xs:string">administrators</saml2:AttributeValue>
  </saml2:Attribute>
</saml2:AttributeStatement>
MorisTM wrote...
Yes I see the following:
<saml2:AttributeStatement>
  <saml2:Attribute FriendlyName="uid"
                   Name="uid"
                   NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
    <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                          xsi:type="xs:string">user.2</saml2:AttributeValue>
  </saml2:Attribute>
  <saml2:Attribute FriendlyName="mail"
                   Name="urn:oid:0.9.2342.19200300.100.1.3"
                   NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
    <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                          xsi:type="xs:string">user.2@maildomain.net</saml2:AttributeValue>
  </saml2:Attribute>
  <saml2:Attribute FriendlyName="group"
                   Name="group"
                   NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
    <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                          xsi:type="xs:string">administrators</saml2:AttributeValue>
  </saml2:Attribute>
</saml2:AttributeStatement>
For your settings, try with [1] or configure SAML to have a predefined name rather than a dynamic one.
[1] urn:oid:0.9.2342.19200300.100.1.3=profile/email
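An added diagnostic sketch, not code from the thread or from AEM: it checks synchronizeAttributes-style entries against an AttributeStatement, assuming (as the fix above suggests) that the key must equal the SAML Attribute's Name rather than its FriendlyName. The sample statement, the function names and the status labels are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml2": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample modelled on the statement posted in the thread; the
# xmlns:saml2 declaration is added so the fragment parses on its own.
# ElementTree is not hardened against entity expansion: feed it trusted captures.
SAMPLE = """
<saml2:AttributeStatement xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml2:Attribute FriendlyName="uid" Name="uid">
    <saml2:AttributeValue>user.2</saml2:AttributeValue>
  </saml2:Attribute>
  <saml2:Attribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3">
    <saml2:AttributeValue>user.2@maildomain.net</saml2:AttributeValue>
  </saml2:Attribute>
  <saml2:Attribute FriendlyName="group" Name="group">
    <saml2:AttributeValue>administrators</saml2:AttributeValue>
  </saml2:Attribute>
</saml2:AttributeStatement>
"""

def parse_mappings(entries):
    """Split 'samlName=relative/path' entries at the first '='."""
    pairs = []
    for entry in entries:
        name, sep, path = entry.partition("=")
        if not sep or not name.strip() or not path.strip():
            raise ValueError(f"malformed mapping: {entry!r}")
        pairs.append((name.strip(), path.strip()))
    return pairs

def check_mappings(statement_xml, entries):
    """Return {entry: (status, detail)}; assumes keys are compared with Name."""
    root = ET.fromstring(statement_xml)
    by_name, by_friendly = {}, {}
    for attr in root.iterfind(".//saml2:Attribute", SAML_NS):
        values = [v.text or "" for v in attr.iterfind("saml2:AttributeValue", SAML_NS)]
        by_name[attr.get("Name")] = values
        if attr.get("FriendlyName"):
            by_friendly[attr.get("FriendlyName")] = attr.get("Name")
    report = {}
    for name, path in parse_mappings(entries):
        key = f"{name}={path}"
        if name in by_name:
            report[key] = ("match", by_name[name])
        elif name in by_friendly:  # key is only a FriendlyName: suggest the real Name
            report[key] = ("friendly-name-only", f"{by_friendly[name]}={path}")
        else:
            report[key] = ("absent", None)
    return report
```

Run against the sample, `mail=profile/email` is reported as `friendly-name-only` with the OID-based entry as the suggested replacement, which is the situation described in this thread.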
Working now. Thanks Sham!
Did you get any reply for this post? I am seeking the same.
Hi @divyat29882083 ,
Have you gone through this KB article? Hope it will be helpful.
Synchronized Attributes: These are the attribute mappings configured in the Okta application. The attribute values will be passed through SAML response to AEM during the SAML assertion.
Regards,
Santosh