Hi,
We have configured SAML login in our environment but we are having trouble mapping the email attribute. Our client has two types of SAML users:
We are trying to find a way to make this mapping dynamic so it can work for both type of users with the same Idp. We need a way to validate if the email claim is empty and map the name claim instead, is this possible?
We haven't found any way to do this but we wanted to ask in case anyone knows or has any ideas that we can try.
Thanks in advance
Discussion posts and replies are publicly visible
Did you consider to create two separate configurations to the same IDP but with different mappings? When putting the two user groups into different Appian groups you can make them automatically use their respective login.
I have tried this already but Appian doesn't allow to use the same Idp metadata file in two different confgurations. I get this error "Another identity provider already exists with the same entity ID provided in this metadata file. Entity IDs must be unique."
Sure, you will need two of these.