Haas
New Member.
404 views

Custom attribute question

I am setting up an SSO for this vendor who is asking for the following attributes:

Uid, Firstname, Lastname, email, and LicenseIds

We got all of the first 4 attributes as part of our ldap attributes list which I can map the attributes to the vendor's attributes.

They (the vendor) want us to include the licensIds and assign it the license code that was provided to the college.

I have never done something like this and I am reaching out to the community to see if anyone have done it.

I know that NetIQ AM has custom attributes and virtual attribute under the shared attributes tab. Do you use a virtual attribute or maybe a custom attribute in this case and how someone assigns the license code to it.

Any ideas or thoughts would be appreciated. 🙂

Thank you in advance
0 Likes
7 Replies
Knowledge Partner
Knowledge Partner

Re: Custom attribute question

On 16-05-2019 12:24 AM, hrquibi wrote:
>
> I am setting up an SSO for this vendor who is asking for the following
> attributes:
>
> Uid, Firstname, Lastname, email, and LicenseIds
>
> We got all of the first 4 attributes as part of our ldap attributes list
> which I can map the attributes to the vendor's attributes.
>
> They (the vendor) want us to include the licensIds and assign it the
> license code that was provided to the college.
>
> I have never done something like this and I am reaching out to the
> community to see if anyone have done it.
>
> I know that NetIQ AM has custom attributes and virtual attribute under
> the shared attributes tab. Do you use a virtual attribute or maybe a
> custom attribute in this case and how someone assigns the license code
> to it.


where is the value of the licenseIds stored? On an existing attribute for the user in the user store?


--
Cheers,
Edward
0 Likes
Haas
New Member.

Re: Custom attribute question

The value of the licenseId is not stored anywhere. It's supposed to be passed on to SP via a response to an AuthnRequest.

The SP then would be able to distinguish our College among other colleges thru the licenseId attribute.

Hope that makes sense.
0 Likes
jrmhscht Super Contributor.
Super Contributor.

Re: Custom attribute question

I believe you should be able to have a virtual attribute that returns the same value every time as it sounds like it is the same for every user.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Custom attribute question

jrmhscht;2500097 wrote:
I believe you should be able to have a virtual attribute that returns the same value every time as it sounds like it is the same for every user.


Just set input parameter value to one of passed attributes (probably uid), then:


function main (P1)
{
return "licenseid";
}

Visit my Website for links to Cool Solution articles.
0 Likes
Knowledge Partner
Knowledge Partner

Re: Custom attribute question

On 22-05-2019 5:44 AM, hrquibi wrote:
>
> The value of the licenseId is not stored anywhere. It's supposed to be
> passed on to SP via a response to an AuthnRequest.
>
> The SP then would be able to distinguish our College among other
> colleges thru the licenseId attribute.
>
> Hope that makes sense.
>
>


So where is the value of this attribute coming from then? Is it static, is it different for each user?

--
Cheers,
Edward
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Custom attribute question

On 15/05/2019 15:24, hrquibi wrote:
>
> I am setting up an SSO for this vendor who is asking for the following
> attributes:
>
> Uid, Firstname, Lastname, email, and LicenseIds
>
> We got all of the first 4 attributes as part of our ldap attributes list
> which I can map the attributes to the vendor's attributes.
>
> They (the vendor) want us to include the licensIds and assign it the
> license code that was provided to the college.
>
> I have never done something like this and I am reaching out to the
> community to see if anyone have done it.
>
> I know that NetIQ AM has custom attributes and virtual attribute under
> the shared attributes tab. Do you use a virtual attribute or maybe a
> custom attribute in this case and how someone assigns the license code
> to it.
>
> Any ideas or thoughts would be appreciated. 🙂
>
> Thank you in advance
>
>

If the value is going to be static for all users you don't need a
virtual attribute, in the attribute set you define for the federation
you can simply choose "Constant" for your new attribute and add the
College code as the value against the mapping LicenseIds.

If it is has a small number of values, such as different for staff and
students, you could make a Virtual Attribute that returned a different
string value depending on the user's IDP Roles. But I doubt whether
you'll need that.

regards
PaulK
0 Likes
Haas
New Member.

Re: Custom attribute question

Sorry I was pulled to work on another project and forgot to update what I did.

I did exactly what Paul has suggested.

New attribute > Filled the field "Constant" with the assigned code > and mapped the Remote attribute to the requested licenseIds attribute. Hit Submit, tested it, and was successfully and correctly relied thru the SAMLResponse.

Cheers
Haas
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.