On 2/20/2015 11:07 AM, Pedro Igor Silva wrote:
----- Original Message -----
> From: "Bill Burke" <bburke(a)redhat.com>
> To: keycloak-dev(a)lists.jboss.org
> Sent: Friday, February 20, 2015 1:36:31 PM
> Subject: Re: [keycloak-dev] Claims Mapping and Identity Federation
>
> I'm still working things out. Right now I have a realm set of
> ProtocolMappers. The data model is
>
> protocol (saml or oidc)
> protocolMapper (this references a provider)
>
> These 3 are for simple one to one attribute mappings.
>
> protocolClaim
> sourceAttributeType
> sourceAttribute
>
> For OIDC there will be just one protocolMapper for simple one to one
> claim/attribute mappings. For SAML there will be a "Friendly
> AttributeStatement" and "URI AttributeStatement" for attribute mappings.

I'm not sure if you really need something different for SAML. The reason is that we
can just ask users whether they want to use 'Name' or 'Friendly Name'.
At the end, that is what really matters, right? Just know the name of the attribute to
map to an internal one.

From looking at the SAML document, it looks like you can have
attribute name types (uri, basic, and unspecified). I'm not sure of the
difference between basic and unspecified. Do you?
Then "Friendly Name" is optional.
Looks like I'll need to add a config map to each
ProtocolMapper...ugh...wanted to avoid that.
Bill
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com