OIF 10g: Is it possible to send Same Ldap Attribute To Two SAML Assertion Attributes? (Doc ID 1135603.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

Oracle Identity Federation - Version: 10.1.4.0.1 and later   [Release: 10g and later ]
Information in this document applies to any platform.

Goal

We have an application that would need user's e-mail address in two different SAML 2.0 assertion attribute fields: "uid" and "email".
As NameID is used also X509SubjectName with NameID, it seems that if we configure mappings mail-> email and mail-> uid, either uid or e-mail is sent in SAML assertion but not both assertion values at the same time.

Is there way to send same LDAP attribute twice in two different assertion attributes?


Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms