Reputation: 644
Okta Saml customize the username returned in the assertion
A client has setup an app to integrate w/ okta using saml 2.0. Everything seems to be working just fine from a communication standpoint, but the username returned from Okta is the login (i.e. "crazypants")
The application is looking for a username in custom format (i.e. "[email protected]")
is there a way in Okta to append "@domain.stuff"
Upvotes: 0
Views: 1150
Answers (1)
Reputation: 191
The custom username is configured under the Applications Sign-On tab.
- Navigate to the Admin console, Applications, and select the correct application
- Once the application page has loaded, navigate to the "Sign On" tab
- Click on "Edit" and scroll down to "Credentials Details"
- In the "Application Username Format" dropdown, select "Custom"
An empty text box will load as well as a link ("custom expression") explaining use.
If you click on the "custom expression" link, you will see examples and area to try out expressions before you save. You can preview expressions, and once you get what you need you can use the one in the try field.
Enter something like ${f:substringBefore(user.login, "@")}@domain.stuff to start.
Upvotes: 1
Related Questions
- Pre-populate Okta username during SP-initiated SAML SSO
- SAML 2.0 response verification
- How to identify a user from SAML Response?
- How can i pass EmployeeID as in NameID in saml assertion
- Obtaining the user's name from a SAML response in Go
- How to include the user groups attributes in a SAML login response assertion
- How should I extract a username from a SAML response?
- How to validate SAML response
- Okta how to pass groups in assertion SAML
- How to handle the SAMLResponse from OKTA?