<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008G7UwgSAFOkta Classic EngineOkta Integration NetworkAnswered2024-04-17T11:09:23.000Z2015-09-17T18:33:11.000Z2016-02-26T03:20:45.000Z

qsldk (qsldk) asked a question.

September 17, 2015 at 6:33 PM
I used the SAML 2.0 template to build a new SAML app. The SP is telling me that I am missing required attributes from the assertion - First Name, Last Name and email. My understanding is that these are standard attributes. If not, how do I add?
I used the SAML 2.0 template to build a new SAML app. The SP is telling me that I am missing required attributes from the assertion - First Name, Last Name and email. My understanding is that these are standard attributes. If not, how do I add?
  • 3 answers
  • 1.54K views

  • 6iga1 (6iga1)

    Angela, in the section "Attribute Statements", what, if anything are you sending?  If namespace unspecified (the default) is OK for the SP and they expect "FirstName", you would need to release:

     

    FirstName|${user.firstName}

     

    or if you needed a specific namespace (for example basic):

     

    FirstName|${user.firstName}|urn:oasis:names:tc:SAML:2.0:attrname-format:basic

     

    Use the same format and seperate by comma for multiple attributes.  You can find the attribute names by picking any user and looking at the profile "tab".
    Expand Post

  • qsldk (qsldk)

    Thank you Ryan! I will give this a shot and respond back.

  • Tony Wong (Customer)

    Also, if you are using AD or other source you'll need to the instance ID in the mapping too.   It's best to go the actual app that you created and click on "View Setup Instructions" button under the "Sign On" tab, you'll see the instance ID of all the external accounts and examples to configure an attribute statement
This question is closed.
Loading
I used the SAML 2.0 template to build a new SAML app. The SP is telling me that I am missing required attributes from the assertion - First Name, Last Name and email. My understanding is that these are standard attributes. If not, how do I add?