Integration of user profile attributes into the SAML assertion

Hi,

Currently, delegated authentication has been tested and is working correctly (OPENIAM IDP). However, we have attempted to include additional user profile attributes, such as roles, in the SAML assertion without success.

We created several Groovy scripts without success. From the configured SAML Identity Provider, we defined the attribute to be returned with the following settings:

  • Property Name: role

  • Data Type: String

  • Property Type: Groovy Script

  • Property Value: /AM/SAMLROLES.groovy

Despite this configuration, the attribute is not being included in the SAML assertion. Could you please clarify the required steps or provide an example of how to correctly add user entitlements (roles or groups) to the SAML assertion so they can be consumed by the SP?

Kind Regards.

Hello @mlmoreno,

I can help with this. Can you please let me know which version of OpenIAM you are running?

Thanks,

Ameet

Hi @ameet_shah,

My current version is 4.2.1.15.170253.

Thanks for your help.

Mauro.