Attribute definition
Description
The attribute definition page displaisdisplays all the auto-generated user attributes. Those attributes will be the attributes to deliver from the identity providers to the service providers depending on the defined rules.
Soffid has a default implementation for common attributes like FullName or uid, but you can modify it by creating a custom script.
Screen overview
&&TODO&&
Custom attributes
- Name: a descriptive name.
- ShortName: short name to be used by SAML 2 service providers (without blanks).
- Oid: OID to be used by SAML 1 and SAML 2 service providers.
- OpenID name: OpenID name to be used by OAuth and OpenID connect service provider.
- Value: an attribute value. Allows you to define a BeanShell script to determine the value of the attribute.
Actions
Attribute definition query
Add new |
Allows you to add a new attribute definition in the system. You can choose that option on the hamburger menu or clicking the add button (+). To add a new it is necessary to fill in the required fields. |
Delete |
Allows you to remove one or more Attribute definitions by selecting one or more records and next clicking the button with the subtraction symbol (-). To perform that action, Soffid will ask you for confirmation, you could confirm or cancel the operation. |
Import |
Allows you to upload a CSV file with the attribute definition to add or update attribute definition to Soffid. First, you need to pick up a CSV file, that CSV has to contain a specific configuration. Then you need to check the content to be loaded, it is allowed to choose if you want or not to load a specific attribute. And finally, you need to select the mappings for each column of the CSV file to import the data correctly and to click the Import button. |
Download CSV file |
Allows you to download a CSV file with the basic information of all attribute definitions. |
Attribute definition detail
Delete |
Allows you to save the data of a new Attribute definition or to update the data of a specific Attribute definition. To save the data it will be mandatory to fill in the required fields. |
Save |
Allows you to download a csv file with the basic information of the Attribute definition. |
Examples
Soffid IdP has a default implementation for common attributes like FullName or uid, but you can modify it by creating a custom script. You can use the custom script to define the value of an attribute.
Examples to define the value of an attribute.
Example 1
Return full name in upper case:
return fullName.toUpperCase();
Example 2
Send one value if an attribute is blank. Otherwise, its value:
return
attributes{"company"} == null ||
attributes{"company"}.isEmpty() ?
"Soffid" :
attributes{"company"}
Example 3
Use serverService to fech the OU attribute of the account owned by the user in the Active Directory (AD) system:
for (account: serverService.getUserAccounts(id, "ad")) {
return account{"attributes"}{"ou"};
}
return null;