User creation based on SAML Attributes

Forum|Forum|5 years ago
July 16, 2020
1 reply
1120 views

Hi all,

We have configured Thingworx SSO with Azure AD. Now when new user logged in, Thingworx creates user entity based on user's full name. How we can make Thingworx to create user entity based on email ID or only first name or some other SAML attribute.

SAML Message

 <Subject>
 <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">USERREQUIRED</NameID>
 <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
 <SubjectConfirmationData InResponseTo="REMOVED"
 NotOnOrAfter="2020-07-16T13:32:57.070Z"
 Recipient="REMOVED"
 />
 </SubjectConfirmation>
 </Subject>
 <Conditions NotBefore="2020-07-16T12:27:57.070Z"
 NotOnOrAfter="2020-07-16T13:32:57.070Z"
 >
 <AudienceRestriction>
 <Audience>REMOVED</Audience>
 </AudienceRestriction>
 </Conditions>
 <AttributeStatement>
 <Attribute Name="http://schemas.microsoft.com/identity/claims/tenantid">
 <AttributeValue>REMOVED</AttributeValue>
 </Attribute>
 <Attribute Name="http://schemas.microsoft.com/identity/claims/objectidentifier">
 <AttributeValue>REMOVED</AttributeValue>
 </Attribute>
 <Attribute Name="http://schemas.microsoft.com/identity/claims/displayname">
 <AttributeValue>REMOVED</AttributeValue>
 </Attribute>
 <Attribute Name="http://schemas.microsoft.com/identity/claims/identityprovider">
 <AttributeValue>REMOVED</AttributeValue>
 </Attribute>
 <Attribute Name="http://schemas.microsoft.com/claims/authnmethodsreferences">
 <AttributeValue>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</AttributeValue>
 <AttributeValue>REMOVED</AttributeValue>
 </Attribute>
 <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
 <AttributeValue>REMOVED</AttributeValue>
 </Attribute>
 <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
 <AttributeValue>REMOVED</AttributeValue>
 </Attribute>
 <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
 <AttributeValue>REMOVED</AttributeValue>
 </Attribute>
 <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
 <AttributeValue>REMOVED</AttributeValue>
 </Attribute>
 </AttributeStatement>

From above sample I want to use value from the 'NameID' tagto create new user entity in Thingworx.

Best answer by Velkumar

Hi all,

We used PingFederate OGNL expression to solve this issue - https://docs.pingidentity.com/bundle/pingfederate-93/page/ndy1564003003840.html

/VR

V

Velkumar

AuthorAnswer

19-Tanzanite

Hi all,

We used PingFederate OGNL expression to solve this issue - https://docs.pingidentity.com/bundle/pingfederate-93/page/ndy1564003003840.html

/VR

Sign up

Please use your PTC eSupport account.

Welcome to the PTC Community

Please use your PTC eSupport account.

Scanning file for viruses.

This file cannot be downloaded