  1. OpenAM
  2. OPENAM-17705

Allow automatic claim mapping based on AD attributes without requiring a mapping script

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 6.5.3
    • Fix Version/s: None
    • Component/s: configurator

      Description

      Today, to create additional claims that map to user attributes in the ID token (or access token), an OIDC claims script is required.  This seems like an overhead when AD attributes are already known to the system.

      Similar to the SAML configuration, the OAuth2/OIDC provider service should not require an additional script to map AD attributes.  Any claim mapping could still be allowed at the client level to allow for custom claim names if needed.

            People

            Assignee: Unassigned
            Reporter: Thi Vo (thi.vo)