<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z00009WmKHeCANOkta Classic EngineIntegrationsAnswered2024-01-22T23:06:58.000Z2023-08-10T00:27:29.000Z2023-08-10T17:09:29.000Z

LauraR.50916 (Customer) asked a question.

August 10, 2023 at 12:27 AM
Group Attribute Statements: how to send only groups that match a Regex

Hello,

I want to send group attributes to a SAML application. I have users in okta with groups in the following format:

123445*team-admin*123234

123445*team-readonly*123234

123445*team-audit*123234

User 1 is a member of team-admin, team-readonly and team-audit, but i only want to send the group team-readonly

 

I tried the following on the Group Attribute Statements:

Option 1

Name: read-only

Name Format: unspecified

Filter:

matches-regex .*team-readonly*.*

Option 2

Name:read-only

Name Format:unspecified

Filter: isMemberOfGroupNameRegex(.*team-readonly*.)

Option 3:

Name:read-only

Name Format:unspecified

Filter:

Groups.contains("idsol-org-readonly")

None of these options result in anything on the SAML Assertion, however if I just input:

Name:read-only

Name Format:unspecified

Filter: .*

Then i get all the groups the user is in. I need help, i checked the documentation but i do not understand how to only send a specific group

  • 1 answer
  • 1.19K views

  • LauraR.50916 (Customer)

    I got it:

    isMemberOfGroupNameRegex(".*team-readonly.*")?"team-readonly":"Null"

This question is closed.
Loading
Group Attribute Statements: how to send only groups that match a Regex