Reputation: 3331
Okta how to pass groups in assertion SAML
Trying to integrate our organisation's web app with Okta's SSO.
Everything works smoothly except that I can't find a way to pass the native Okta groups which the user is part of in the assertion SAML (there's no such option in the 'Edit SAML Integration' form).
Any idea how to do that?
Upvotes: 1
Views: 7282
Answers (2)
Reputation: 6297
I came across this issue myself, and answered myself here
I added a very detailed explanation how it can be achieved
In short, you just need to specify a groups attribute statement to your Okta SAML 2.0 template specifying what groups you'd like to expose to your SP
Upvotes: 2
Reputation: 1188
To have Okta include group information into SAML assertions, you'll need to use the Okta Template SAML 2.0 App, in particular, you'll need to set the Group Name and Group filter options to configure which groups will be included in the SAML assertion.
Upvotes: 0
Related Questions
- How can I get all groups a user belongs to using Okta's API?
- Get "groups" claims from Okta using the OpenID Connect Authorization Code Flow
- RFC - Adding Group Claims from OKTA to Role Claims in .net Framework Using OIDC
- How to add user groups to ID token in Okta?
- SamlCredential does not retrieve group attributes from Okta SAML response
- How to include the user groups attributes in a SAML login response assertion
- Getting list of groups user is associated with in Okta
- How to validate SAML response
- Okta Group Attributes
- Okta Saml customize the username returned in the assertion