SAML Dynamic Attribute Mapping

Certified Senior Developer

Hi,

We have configured SAML login in our environment but we are having trouble mapping the email attribute. Our client has two types of SAML users:

  • internal who have their email defined in the email claim.
  • external who do not have any value defined in the email claim, is empty when accessing Appian, and have their email in the name claim.

We are trying to find a way to make this mapping dynamic so it can work for both type of users with the same Idp. We need a way to validate if the email claim is empty and map the name claim instead, is this possible?

We haven't found any way to do this but we wanted to ask in case anyone knows or has any ideas that we can try.

Thanks in advance

  Discussion posts and replies are publicly visible