Have an already working SAML link between an IdP and an SP, with a user present in both.
Steps to reproduce:
- In the IdP, make sure firstName and lastName are not sent to the SP.
- In the IdP, make sure reminderQueryQuestion and reminderQueryAnswer are sent to the SP.
- In the SP, add the following mapping: User Field Expression is firstName, and SAML attribute is reminderQueryQuestion.
- In the SP, add the following mapping: User Field Expression is lastName, and SAML attribute is reminderQueryAnswer.
- Log in with a user
The user logs in, and their reminder question and answer are displayed as their first and last name.
Either sending these attributes is blocked on the IdP side, or their mapping is blocked on the SP side. Yet another solution can be to store the hashed value of reminderQueryAnswer.
Tomcat 9.0.43 + MySQL 8.0.25 | Portal master DXP GIT ID: 880952a2ef107ca6d98c9988da04a18fd51b5a55
Encrypted password can also be mapped and displayed this way.
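The two blocking options named above (an IdP-side release filter and an SP-side mapping check), as an added example that is not Liferay's code. The function names, the `password` attribute name, the `emailAddress` mapping and the sample data are assumptions.

```python
# Hypothetical helper names; this is not Liferay's SAML API.
# Fields named in the report, plus "password" as an assumed attribute name
# for the encrypted password the report says can also be mapped.
SENSITIVE_ATTRIBUTES = frozenset(
    {"reminderqueryquestion", "reminderqueryanswer", "password"}
)


def _is_sensitive(name):
    # Case-insensitive, padding-insensitive, so " ReminderQueryAnswer" is caught.
    return name.strip().lower() in SENSITIVE_ATTRIBUTES


def filter_released_attributes(attributes):
    """IdP side: keep only attributes that may be placed in the assertion."""
    return {k: v for k, v in attributes.items() if not _is_sensitive(k)}


def rejected_mappings(mappings):
    """SP side: (user_field, saml_attribute) pairs to refuse when saved."""
    return [(f, a) for f, a in mappings if _is_sensitive(a)]


def apply_mappings(mappings, assertion_attributes):
    """SP side: user field updates at login, never from a sensitive source."""
    updates = {}
    for user_field, saml_attribute in mappings:
        # Defence in depth: skip even if a bad mapping is already stored
        # or the IdP still releases the value.
        if _is_sensitive(saml_attribute):
            continue
        if saml_attribute in assertion_attributes:
            updates[user_field] = assertion_attributes[saml_attribute]
    return updates


# Constructed sample data reproducing the mapping from the steps above.
MAPPINGS = [
    ("firstName", "reminderQueryQuestion"),
    ("lastName", "reminderQueryAnswer"),
    ("emailAddress", "emailAddress"),
]
ASSERTION = {
    "reminderQueryQuestion": "constructed question",
    "reminderQueryAnswer": "constructed answer",
    "emailAddress": "test@example.com",
}

if __name__ == "__main__":
    print(rejected_mappings(MAPPINGS), apply_mappings(MAPPINGS, ASSERTION))
```

With both checks in place, the mappings from the reproduction steps are refused at save time and, if already stored, are ignored at login.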
- Discovered while testing
LPS-105169 As an Instance Administrator, I want to configure the user profile attributes that can be updated from the SAML assertion when a user logs into the system