Okta Classic Engine, Single Sign-On, Answered, 2024-04-17T12:17:39.000Z, 2022-01-30T10:28:08.000Z, 2022-02-01T10:21:42.000Z

ugs26 (ugs26) asked a question.

AWS Account Federation Application - user.profile.login field is missing on the SAML.

After single sign-on to AWS with the AWS Account Federation Application, on AWS CloudTrail we can find the AssumeRoleWithSAML event that was generated according to the SAML.

 

The issue is that the responseElements.subject field contains the application userName but not the actual user.profile.login. This can cause wrong data in the case of two different applications with the same userName, or even worse - the same application with the same two user names (it is allowed). The user.profile.login should be added to the event data so there will be a direct connection to the user.


  • Hello @ugs26 (ugs26)​,

     

    Thank you for posting.

     

    You can suggest this on the Okta Community by using the 'Feedback' option at the bottom of the Okta admin console. Once on the Community page, go to Ideas→Post Idea.

     

    Features suggested in our community are reviewed and can be voted on and commented on by other members of the community, therefore making it much easier for the engineering team to understand the priorities that you have for feature requests.

     

    Regards,

     

    Natalia

    Okta Inc.

     

  • l037a (l037a)

    @User16254393570754125507 (Okta)​ It seems to me more like a bug than a suggestion, but I can't open a bug since I am not registered as an organization.

  • l037a (l037a)

    I created a feedback but then got this answer:

    Please note:

    Unfortunately, we're not able to respond to support case requests through this survey. If you have a specific need around a case, please contact support.

This question is closed.
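
A triage sketch for the attribution gap raised in the question, added here as an example and not part of the original thread or of Okta's or AWS's code: it reads AssumeRoleWithSAML records and flags any `responseElements.subject` that appears under more than one SAML issuer. The helper names, the sample records and the issuer and role values are constructed, and it assumes each application instance presents its own issuer; two users of the same application who share a userName remain indistinguishable from these fields.

```python
from collections import defaultdict

# Constructed CloudTrail records (not real log data), trimmed to the fields used below.
ISS_A = "http://www.okta.com/exkEXAMPLEAPP1"  # placeholder issuer, app instance 1
ISS_B = "http://www.okta.com/exkEXAMPLEAPP2"  # placeholder issuer, app instance 2
ROLE = "arn:aws:iam::111111111111:role/ExampleRole"  # placeholder role ARN

def _event(subject, issuer, assertion_id, ok=True):
    """Build one constructed AssumeRoleWithSAML record (hypothetical helper)."""
    return {
        "eventName": "AssumeRoleWithSAML",
        "requestParameters": {"roleArn": ROLE, "sAMLAssertionID": assertion_id},
        # responseElements is null when the call was rejected
        "responseElements": {"subject": subject, "issuer": issuer} if ok else None,
    }

SAMPLE_EVENTS = [
    _event("jdoe", ISS_A, "id-0001"),
    _event("jdoe", ISS_B, "id-0002"),            # same userName, different application
    _event("asmith", ISS_A, "id-0003"),
    _event("jdoe", ISS_A, "id-0004", ok=False),  # failed call, no subject recorded
    {"eventName": "GetCallerIdentity", "requestParameters": None, "responseElements": None},
]

def saml_identity(event):
    """Return the attribution fields of a successful AssumeRoleWithSAML record, else None."""
    if event.get("eventName") != "AssumeRoleWithSAML":
        return None
    resp = event.get("responseElements") or {}
    req = event.get("requestParameters") or {}
    if "subject" not in resp:
        return None
    return {
        "subject": resp["subject"],  # the application userName, per the question
        "issuer": resp.get("issuer"),
        "role_arn": req.get("roleArn"),
        "assertion_id": req.get("sAMLAssertionID"),
    }

def ambiguous_subjects(events):
    """Map each subject seen under more than one issuer to its sorted issuer list."""
    seen = defaultdict(set)
    for ident in filter(None, map(saml_identity, events)):
        seen[ident["subject"]].add(ident["issuer"])
    return {s: sorted(i) for s, i in seen.items() if len(i) > 1}
```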