Skip to main content

Attribute definition

Description

The attribute definition page displays all the auto-generated user attributes. Those attributes will be the attributes to deliver from the identity providers to the service providers depending on the defined rules.

Soffid has a default implementation for common attributes like FullName or uid, but you can modify it by creating a custom script.

Screen overview

&&TODO&&

Custom attributes

  • Name: a descriptive name.
  • ShortName: short name to be used by SAML 2 service providers (without blanks).
  • Oid: OID to be used by SAML 1 and SAML 2 service providers.
  • OpenID name: OpenID name to be used by OAuth and OpenID connect service provider.
  • Value: an attribute value. Allows you to define a BeanShell script to determine the value of the attribute.

Actions

Attribute definition query

Add new

Allows you to add a new attribute definition in the system. You can choose that option on the hamburger menu or clicking the add button (+).

To add a new it is necessary to fill in the required fields.
Delete

Allows you to remove one or more Attribute definitions  by selecting one or more records and next clicking the button with the subtraction symbol (-).

To perform that action, Soffid will ask you for confirmation, you could confirm or cancel the operation.
Import

Allows you to upload a CSV file with the attribute definition to add or update attribute definition to Soffid.

First, you need to pick up a CSV file, that CSV has to contain a specific configuration. Then you need to check the content to be loaded, it is allowed to choose if you want or not to load a specific attribute. And finally, you need to select the mappings for each column of the CSV file to import the data correctly and to click the Import button.

Download CSV file

Allows you to download a CSV file with the basic information of all attribute definitions. 

Attribute definition detail

Delete

Allows you to save the data of a new Attribute definition or to update the data of a specific Attribute definition. To save the data it will be mandatory to fill in the required fields.

Save

Allows you to download a csv file with the basic information of the Attribute definition.

Examples

Soffid IdP has a default implementation for common attributes like FullName or uid, but you can modify it by creating a custom script. You can use the custom script to define the value of an attribute.

Examples to define the value of an attribute.

Example 1

Return full name in upper case:

return fullName.toUpperCase();

Example 2

Send one value if an attribute is blank. Otherwise, its value:

return
    attributes{"company"} == null ||
    attributes{"company"}.isEmpty() ?
        "Soffid" :
        attributes{"company"}

Example 3

Use serverService to fech the OU attribute of the account owned by the user in the Active Directory (AD) system:

for (account: serverService.getUserAccounts(id, "ad")) {
    return account{"attributes"}{"ou"};
}
return null;

 

Back to top