Customizing SAML Attribute Mapping

You can customize how Shares maps SAML attributes to Shares user fields.

There are two types of profile fields:
  • Default fields: All SAML responses must provide these fields. You can edit the SAML name, but not the Shares field name.
  • Local fields: You can map additional SAMl fields to Shares users.

When there are enabled custom profile fields, a SAML user's details page shows values of those custom profile fields in the Custom Attributes tab.

To edit custom fields:

  1. Add new SAML fields in your SAML identity provider. These fields must be correctly mapped to the SAML directory service.
  2. Go to Admin > Directories and click Edit for SAML Identity Provider.
  3. Go to the Attribute Mapping tab.
  4. Click Add Custom Profile Field to add a new field:
    Configuration Option Description
    Name Enter the name of the field added to a Shares user.
    SAML Name Enter the name of the SAML field found in your IdP.
    Important: The Shares SAML Name must be correctly mapped to your SAML fields in IdP. If the names are incorrectly mapped and the field is required, Shares rejects the user login.
    Required Require that a SAML response includes the SAML name mapped to this custom field. SAML user login fails when the field is required, but the SAML response does not include the required custom attributes.
  5. Click Update user profile fields.