This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

SAML apigee-sso with external IDP issue

Posted on 01-26-2022 12:07 AM
agcifre
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello,

I've installed Apige on prem (base components) and now I'm busy with the integration of apigee-sso component with our external IDP.
Unfortunately our IDP doesn't support "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" as nameid-format.
I've overriden the value of SSO propertie "conf_login_saml_provider_nameid" with "urn:oasis:names:tc:SAML:2.0:nameid-format:transient".
Now I'm able to receive the IDP response SAML.
However the email information is not located under <saml:NameID>. It's located under the saml attribute "mail" 😞
<saml:AttributeStatement>
<saml:Attribute Name="mail">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">xxxx@yyy.be</saml:AttributeValue>
</saml:Attribute>
...
<saml:AttributeStatement>
Is there a way to tell apigee-sso component to search in another place than <saml:NameID> , for example something like <sam:attribute Name="mail">?

Thanks in advance.

Solved Solved
0 7 570
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
agcifre
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

OK. I will do it. Thanks

View solution in original post

Jump to Solution
0 Likes
7 REPLIES 7
Top Solution Authors
View all