IDP proxy - attribute
Cantor, Scott
cantor.2 at osu.edu
Tue Aug 11 19:34:42 UTC 2020
On 8/11/20, 3:12 PM, "users on behalf of Jerry Bailie" <users-bounces at shibboleth.net on behalf of jebailie at vassar.edu> wrote:
> The question is, is how to obtain that attribute (eduPersonScopedAffiliation) from Onelogin ?
https://wiki.shibboleth.net/confluence/display/IDP4/SAMLAuthnConfiguration
Attribute Extraction and Filtering
Attribute Resolution
i.e.
1. Make sure the Attribute Registry transcoding rules map the necessary SAML Attribute(s) into their internal IDs.
2. Add filter rules as required to accept those attribute IDs from the "issuer".
3. Add a Subject data connector to export the attribute(s) back out of the resolver.
4. Add filter rules as required to release the attribute IDs to the SP.
That's generally all it takes unless the use case is more complex.
(3) automates all the complex parts that are happening under the covers.
-- Scott
More information about the users
mailing list