<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D51Y00008j84Q5SAIOkta Classic EngineSingle Sign-OnAnswered2024-04-15T11:24:39.000Z2020-06-17T14:57:07.000Z2020-06-24T17:56:43.000Z

sena0 (sena0) asked a question.

June 17, 2020 at 2:57 PM
Get group id(s) in the saml response

All is in the title!

I need to get a user's group id in the saml response i receive in my Rails app.

In AzureAD, i can get it with the mapping but here with Okta, i don't really understand how to proceed.

Also, i would like some help with provisioning (SCIM) : i have users in groups. I assigned the groups to the app but i don't receive any user in my Rails app. But i do when a assign users individually.

Again, it works with AzureAD when i assign groups.

 

Any help would be appreciated 🙂

 

Thanks

  • 1 answer
  • 1.14K views

  • User15869687604898410373 (Okta, Inc.)

    Depends on the application you are using in Okta:

    1. If it's a OIN application then, the "Attributes (optional)" menu is in the Sign-On tab of the application bellow "Default Relay State". It appears when editing the settings there. In the "Attributes (optional)" menu you can find "Group Attribute Statements (optional)"
    2. If it's a custom SAML 2.0 application created using the application integration wizard then: a) during creation the menu "Group Attribute Statements (optional)" is there on page 2 "Configure SAML" or b) after creation you can find the options in the "General" tab of the application, in "SAML Settings" at the bottom of the box.

    You can use this to configure your integration to suit your organizational needs. If you want to send all groups a user is part off please use "Matches regex"and ".*" in the filter.

    As for assistance with SCIM please open a case for Okta support.

    Expand Post
This question is closed.
Loading
Get group id(s) in the saml response