When trying to pass custom attribute statements that leverage Okta Expression Language (OEL) under the General tab of a WS-Fed Template Application, the following error is thrown:

The Template WS-Fed App is misconfigured. Please contact your administrator.

 

When trying to pass the same custom attribute statements under the Sign On tab of the WS-Fed Template Application, no errors are present, and the expected value is passed successfully. 

• Single Sign-On (SSO)
• WS-Fed Template
• Custom Attribute Statements
• Okta Expression Language (OEL)

The Attribute Statement field of the General tab performs an additional validation check compared to the Sign On tab's Attribute Statement.

Use the Sign On tab's Attribute Statements instead of the General tab's Attribute Statements because the latter performs an additional validation.

NOTE: The attribute statements on the Sign On tab must be formatted correctly for the WS-Fed claim (the claim URL) and in an Okta Expression Language-friendly manner to ensure the appropriate value is sent properly.