Oracle Access Manager 12c (OAM 22.214.171.124.0) Federation - Expression That Contain User and Groups Displays Incorrectly In the Security Assertion Markup Language (SAML) Response
(Doc ID 2619170.1)
Last updated on AUGUST 28, 2020
Applies to:Oracle Access Manager - Version 126.96.36.199.0 and later
Information in this document applies to any platform.
Enabled multivaluegroups at the Federated Service Provider (SP) partner level and did not achieve the desired results.
- Trying to use expression which contains multigroups attribute in saml response
Use $user.groups twice in the SP attribute profile, the first $user.groups is treated as multivaluegroup, the second $user.groups is not.
Use $user.groups is only once in a sp attribute profile and part of expression type value.
Service Provider (SP) Attribute profile
Mapping: testgroups: mytest-groups/$user.groups (value as a expression)
User who performs authentication are member of following groups.
- Current behavior to display expression contains multigroups attribute in SAML response - Response output:
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document