Custom Attributes in Identity Provider

Is there any way to add arbitrary custom attributes (e.g., phoneNumber) to a SAML identity provider?

This post seems to only cover OIDC providers and I can't find anywhere the question has been asked about SAML.

Does anyone know if this is possible?

No, this is not currently possible with the SAML IdP.

Does your IdP expose any REST API that you could call from a Perspective session script? If you could pass along the username of the user currently logged in via SAML, and the REST API could return extra information about the user, you could add the user’s phone number to session props after logging in.

Another workaround: you could use a runScript expression function in one of your user attribute mappers to load the phone number from the SAMLResponse assertion and store it somewhere in Ignition, perhaps as a user in an internal user source? In your Perspective session, you can write a script to load the user from this special user source sharing the same username as the SAML username and pull the phone number from the internal user.
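The second workaround depends on reading the phone number out of the SAMLResponse assertion. The following is an added example, not part of the original posts and not Ignition or Inductive Automation code: a plain-Python function that pulls the NameID and all attributes from a base64-encoded SAMLResponse. It assumes the attribute is named `phoneNumber` as in the question, that the SAML stack has already validated the response signature, and it uses a constructed, unsigned sample response.

```python
import base64
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Constructed sample: a minimal, unsigned SAMLResponse for illustration only.
SAMPLE_XML = (
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    '<saml:Assertion>'
    '<saml:Subject><saml:NameID>jdoe</saml:NameID></saml:Subject>'
    '<saml:AttributeStatement>'
    '<saml:Attribute Name="phoneNumber">'
    '<saml:AttributeValue> +1-555-0100 </saml:AttributeValue>'
    '</saml:Attribute>'
    '<saml:Attribute Name="groups">'
    '<saml:AttributeValue>operators</saml:AttributeValue>'
    '<saml:AttributeValue>admins</saml:AttributeValue>'
    '</saml:Attribute>'
    '</saml:AttributeStatement>'
    '</saml:Assertion>'
    '</samlp:Response>'
)
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode("utf-8")).decode("ascii")


def saml_attributes(saml_response_b64):
    """Return (name_id, {attribute name: [values]}) from a base64 SAMLResponse.
    Assumption: the caller only passes responses whose signature was validated."""
    raw = base64.b64decode(saml_response_b64)
    # SAML messages have no need for a DTD, so refuse any document declaring one.
    if b"<!DOCTYPE" in raw:
        raise ValueError("DTD not allowed in SAMLResponse")
    root = ET.fromstring(raw)
    assertions = root.findall("saml:Assertion", NS)
    # Zero or several assertions is ambiguous: refuse rather than pick one.
    if len(assertions) != 1:
        raise ValueError("expected exactly one assertion, got %d" % len(assertions))
    assertion = assertions[0]
    name_id = assertion.findtext("saml:Subject/saml:NameID", default=None, namespaces=NS)
    attrs = {}
    for attr in assertion.findall("saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip() for v in attr.findall("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return name_id, attrs
```

Looking up `attrs.get("phoneNumber", [])` on the result gives the values to store against the returned NameID; an IdP that does not release the attribute yields an empty list rather than an error.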

I’ll have to look into the REST API option. Thanks for the suggestions.
