How to customize the response attributes sent by an IdP using simpleSAMLphp?

Question

I have setup two instances of simpleSAMLphp, one as service provider the other as identity provider (e.g.: http://sp.service.com & http://idp.service.com). For authentication I am using sqlauth. In the sqlauth example, after successful authentication the IdP returns the name, username, emailid, group name from the database tables to the SP. Now I want to customize the table and want to retrieve all the attributes from it.

Which file or function needs to be customized to achieve this?

Answer 1

Check if there are any AttributeFilterLimit in the config/authsource.php (SP) metadata/saml20-idp-hosted (IdP).

Best way to see if your IdP is getting all the user data is to access to the browser, open the IdP and access to Authentication -> Test configured authentication sources -> sqauth (Later you can do the same at the SP cheking the saml auth)

If you don't see all the user data that you expected, maybe, a filter is applied or the sqlauth is not well configured.

As you can see in the sqlauth documentation you will get all the data that matchs the query that you set in the authsource configuration file.

At the SP side, to retrieve attribute at your final application you must take a look on this documentation