I am using an external Open ID Connect 1.0 identity provider and attempting to map user roles into the Mapped User Attributes.
Using test login; my IdP response data from my provider looks like:
The appropriate roles list is populated in the IdP response @ property “http://tt.com”
My mapped user attributes test login result looks like:
I have tried a few different combinations of both direct and expression-based user attribute mappings. The latest being:
I thought maybe the issue was with forward slashes // in the property path, so I also tried surrounding with double quotes with no success. The Roles property is always blank. All of the other properties I have been able to map with direct mappings, although those properties differ in that they expect strings instead of Lists I believe.
Has anyone else succeeded in something like this / had any experience? Thanks!