[keycloak-user] SAML attribute mapping debugging
Jason Axley
jaxley at expedia.com
Thu Feb 18 16:49:55 EST 2016
I’ve set up incoming SAML authentication using Microsoft ADFS as the IdP. However, the attribute mappings I’ve configured are not picking up the data. A couple things are not clear:
1. How can one debug the mappings to find out why they did not find the data?
2. Where is the “user model” documented to know which fields are available to map to? I pulled out some things from existing LDAP mappings but would be nice to know what else is there to map (e.g. AD or other LDAP Groups)
For example, I’ve set up an email mapper that is configured:
Mapper Type: Attribute Importer
Attribute Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
Friendly Name: emailaddress
User Attribute Name: email
Doesn’t work…
-Jason
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160218/79f6821d/attachment.html
More information about the keycloak-user
mailing list