Azure AD Connector from IDP v4.1 - canonicalization failure

Cantor, Scott cantor.2 at
Tue Aug 30 18:56:38 UTC 2022

>    We just want a user identifier from Azure.

Then most of that is totally unnecessary, start over, and look at the attribute-sourced c14n docs and properties. No need for anything in the resolver whatsoever.

idp.c14n.attribute.resolveFromSubject = true
idp.c14n.attribute.resolutionCondition = shibboleth.Conditions.FALSE
idp.c14n.attribute.attributeSourceIds = whateverId

Should be all that's needed other than making sure the input data is getting decoded by the registry.

-- Scott

More information about the users mailing list