Mapping SAML attributes in a SAML response
Information about mapping SAML attributes in a SAML response.
Supported SAML attributes
MaaS360 supports the following SAML attributes:
Key in SAML response (case insensitive) | MaaS360 user interface | Required |
---|---|---|
emailaddress | Yes | |
location | Location | No |
domain | Domain | Yes |
fullname | Full Name | No |
mobilenum | Phone Number | No |
MaaS360 also supports custom attribute values that you
can update based on the SAML response. For custom attributes, the key in the SAML payload must match
the Variable Name for the custom attribute.
Example: Okta setup - SAML configurations
Missing or invalid mandatory parameters in the SAML response
If a mandatory parameter is missing or invalid during device enrollment, the following message is displayed:
The SAML token response is missing mandatory parameters or they are invalid. Please
contact your IT administrator for further assistance. The parameters that are missing or invalid are
domain, email.
At the end of the error message, the mandatory values that are missing in the SAML response are displayed. The current mandatory parameters that are supported are emailaddress and domain. From your corporate identity provider, you can change these values in the SAML response.