I am trying to build a ZTNA solution using the WARP client to limit access to a self-hosted HTTP server. I have the WARP clients authenticating via SAML 2.0 to our AWS SSO directory. WARP client enrollment works just fine. However, once the client is enrolled, I have no username or email associated with the enrollment.
I have all the attributes I want from the “Test button” in ‘CF | ZTNA | Settings | Authentication | SAML | generic SAML 2.0’ from the AWS SSO IdP. Here is an example:
Below is an example of the user identity returned from the SAML test button.
Your connection works!
{
  "email": "[email protected]",
  "name": "John Deere",
  "givenName": "John",
  "surName": "Deere",
  "saml_attributes": {
    "emailaddress": "john,[email protected]",
    "id": "88c67e40-94c2-437c-8789-364adf5f36d0",
    "username": "deerej1"
  },
  "headers": {}
}
When I look in devices, I see the Windows computer listed, but there is no email associated with the device in ‘CF | ZTNA | My Team | Devices’, nor is the user added to ‘CF | ZTNA | My Team | Users’.
How do I get the attributes returned from a WARP client enrollment via SAML to populate the appropriate properties for Users and Devices?