Auth0 SAML working, but returned fields missing

dave.hill · March 30, 2021, 5:06pm

I successfully connected Auth0 to cloudflare via SAML, however the “email” fields are not populated, nor are the groups.

From Auth0’s perspective, my test shows the SAML it is returning contains my email info, and active directory groups, but cloudflare only sees my name, givenName, and surName.

I assume i need to do some custom mapping of some sort, and i can do this with json in auth0 - but i dont know how to map the values to cloudfront.I tried using Auth0’s default of {“mappings”:{“email”:“xxxx”}}, but it does not work.

Any ideas?

dave.hill · March 30, 2021, 6:28pm

Hello, i managed to finally figure this out.

In my Authentication configs for Auth0 SAML (on cloudflare Teams), in optional configurations i found adding these values to Email Attribute name and SAML attributes got the mapping to work.

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
http://schemas.xmlsoap.org/claims/Group
http://schemas.auth0.com/department

system · March 30, 2021, 5:06pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.