Use a Custom Attribute map for SAML Configuration

Customer Managed Applies to customer-managed instances of Alation

If your IdP does not offer a way for you to map the assertion response attributes onto attributes expected by Alation, you can create a custom attribute map on the Alation server and map the attributes using this map. The map uses the format Basic.

To create the custom attribute map:

On the Alation server, create a file map.py at /opt/alation/site/saml/

The file should have the following content. Substitute the keys 'ssoid', 'email', 'firstname', 'lastname' with your actual attribute names):

MAP = {

    'identifier':'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',

    'to': {},

    'fro': {

        'ssoid': 'uid',

        'email': 'mail',

        'firstname': 'givenName',

        'lastname': 'sn'

    }

}

Related Topics

Configure Authentication with SAML from Alation Shell