Where, **is_publisher**(type boolean) and **userRole**(type string) are custom attributes defined and given value on both places - in user profile and in app user profile. And **template_saml_2_0** is the app user object and **user** is the user object.
Next, I have mapped these variables together:
Mapping of okta->app > user.is_publisher is mapped to is_publisher, and
Mapping of app->okta > appuser.is_publisher is mapped to is_publisher.
Done similar for other attributes.
On click the app chiklet, with this attributes statement generates "500 internal server error". This error triggers before okta gives call to the SP. I have found nothing is logged in my SP's logs. And I do not know how to track OKTA IDP's logs.
Here I am taking values from the user object for the custom attributes, and rest keeping all same as in attempt 1.
Now this change gives me the value of **userRole**(string type) and not for **is_publisher**(boolean type) in the assertion xml passed to the SP by OKTA. I guess this returns values if the custom attribute is only of string type and not for any others types. Is it the case?
Can you please tell me where I am going wrong? I need to set roles of users according the application which I have failed to do in Attempt1. and In Attempt2 I am only getting String type CustomAttribute's value.
Thanks for posting your inquiry in Okta Community.
To troubleshoot your issue we need to start on verifying the "User Profile Mapping" in [Okta to Application] attribute/expressions are set correct, then verifying the "Application Attributes Mapping" too that is provisioned on your Okta Org. You may also use the "Preview Mapping" tool to check your attributes/expressions.