<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008G7UbPSAVOkta Classic EngineAdministrationAnswered2022-03-08T10:54:05.000Z2017-02-08T13:41:40.000Z2017-11-17T15:29:48.000Z

Henrik BoC.78251 (Customer) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
WS-Fed App is misconfigured when using Custom Expressions in Custom Attribute Statements
Hi,

 

We configured Okta template WS-Fed App and added Custom Attribute Statement which should return only the first part of user's mail adress.

 

Custom Attribute Statements: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name|${f:substringBefore(user.email, '@')}|

 

However an misconfiguration error is thrown:

 

The Template WS-Fed App attribute list is: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name|${f:substringBefore(user.email, '@')}|

 

Attributes should be in one of the forms below:

firstName|${ssfn:escapeHtml(user.firstName)}|namespace 

firstName|instanceId:${ssfn:escapeHtml(user.firstName)}|namespace

 

We tried with a lot of different combinations, but seems like no functions can be used with this context.?
  • 3 answers
  • 1.4K views

  • AlexandruD.25766 (Customer)

    Hello Henrik.

    Thank you for taking your time on submitting this question.

     

    From the looks of this setup, the expresion looks to be valid.

     

    Please visit the Okta Admin Dashboard, open you app and click on that application sign-on tab.

    On the Application username format, select "Custom" and select the "Custom expression" url.

    This will permit you to try and preview the mapping based on the examples you provided.

     

    If you believe further assistance is required, please log a support ticket so that we can further investigate the issue.

     

    Thank you!

     

    Alex - Okta Support 

    Expand Post

  • Henrik BoC.78251 (Customer)

    Hi Alex,

     

    Thank you for your reply and suggestion.

     

    I tried testing it with Custom expression and looks correct on the preview screen. I know we tested this setup about 9 months ago, and it was working correctly with WS-Fed Template by extracting part of the e-mail on dev account.

     

    0EM2A000000Xqvi

     

    Any other suggestions?

     

    - Henrik

     

    Expand Post

  • gabriel.sroka1.4374539321839353E12 (Okta, Inc.)

    Hi Henrik

    In the "Custom Expression" tester, try just the expression (without the namespace), eg: 
    1.  ${f:substringBefore(user.email, '@')}
     0EM2A000000Xr4r
    Expand Post
This question is closed.
Loading
WS-Fed App is misconfigured when using Custom Expressions in Custom Attribute Statements