...
| Code Block |
|---|
saml2Config.authnRequestBindingType = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect |
What SAML information does FlexDeploy use?
We use the attribute “UserName” if it exists as the user.
If it doesn’t, we use the first SAML attribute that ends with “UserName”.
If none do, we use the SAML ID attribute as the username.
If the username that is determined from those locations matches an existing username in FlexDeploy, the user is considered to be the same user.
If it doesn’t exist, then the users email, first name, and last name are looked for in the SAML attributes.
given_name is used for first name
family_name is used for last name
email is used for email
Currently these fields are not configurable in FlexDeploy, but they have worked with all IDPs tested so far.