User17141590118454216429 (Customer) asked a question.
[ copied from devforum by request of an Okta team member - https://devforum.okta.com/t/okta-api-how-to-specify-attribute-statements-for-ws-federation-app/31479/1 ]
Is there a way to set an Attribute Statement for a Templated WS Federation app (‘signOnMode’ = ‘WS_FEDERATION’) using the API?
01 - Tried the answer in SAML app- Is there API to update attribute statement - The app gets created without error, but there are no attributes when I look in the portal.
```
{
"name": "template_wsfed",
"label": "Test App",
"signOnMode": "WS_FEDERATION",
"settings": {
"app": {
[...]
},
"signOn": {
"attributeStatements": [
{
"name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
"values": [
"user.id"
],
"namespace": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified",
"type": "GENERIC"
}
]
}
}
}
```
02 - Tried manually creating an attribute in the portal then doing an Apps API `GET` - The response contains the app, with no sign of the attribute in the response body.
03 - There's a `settings.app.attributeStatements = null` in the response body - tried to `POST` a new app with the attribute in there, and got `"errorSummary": "Type mismatch exception. ",`
```
{
"name": "template_wsfed",
"label": "Test App",
"signOnMode": "WS_FEDERATION",
"settings": {
"app": {
"attributeStatements": [
{
"name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
"values": [
"user.id"
],
"namespace": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified",
"type": "GENERIC"
}
],
[...]
}
}
}
```
[04 to ∞] - Been reading forum posts, developer docs, API specs and examples, tried ChatGPT. Tried dozens of formats of post body. Can't figure out what's missing here. How can these be managed via API?
(Apologies if 'Administration' is the wrong category. I don't see a better one)
I'm with you, I don't find any documentation on how to set these and when I get app details from API (/api/v1/apps/${appId}) for an WSFed app that has custom attributes set they are not returned. I even looked at how to set up a custom OIN template but don't see a way that would work either.
https://help.okta.com/oie/en-us/content/topics/apps/aiw-saml-reference.htm
https://help.okta.com/oie/en-us/content/topics/apps/define-attribute-statements.htm
I suggest you open an Okta Support Case and have them investigate to see if there is even an API option for this and if there is not you can submit an "Ideas" post to request.
https://support.okta.com/help/s/cases
https://ideas.okta.com
Please comment back on this post if you find a solution or post a link to your "Ideas" post if Okta Support says it is not currently possible so we can all upvote your request.