JohnO.45837 (XIX.AI) さんが質問をしました。
We're developing an external MFA solution by configuring a SAML IdP as 'Factor Only' and then enabling it as an MFA factor.
Everything works great, except that usernames passed to us in the subject of the SAML assertion (saml2:NameID) are case sensitive and our solution stores them as case insensitive.
So, when we return the SAML assertion to Okta, it fails because the names are not identical, case-sensitive matches.
Is there a way to configure profile mappings (or anything, really) to not require this to match exactly on case, or to downcase and then accept a downcase match on the return SAML?
Otherwise, we'll just have to do the work to change our user store to support case sensitivity as well as perform some additional work to prevent collisions on our end.
Hello @JohnO.45837 (XIX.AI) ,
I've escalated your question to our Customer Support team. They will respond to you shortly here.
Thanks!
Tim
Okta, Inc.
Hello @JohnO.45837 (XIX.AI)!
I'm Jonatan from the T2 support team.
Thanks for using our Help Center community.
Unfortunately, after doing some research it doesn't look like there is a way to change case sensitive from the Okta side for your particular use case where the problem is the username value used in the SAML assertion.
I suggest you create an Okta Idea with the details of the problem so that the community can vote on it. If it gets enough votes, the developers team will have more visibility and there will be more chances for the feature to be introduced in the future.
I hope this clarifies your doubts. Please don't hesitate to contact us if you have any other questions or problems with your Okta products.
What is the solution of this topic?
I have similar problem.