MS Azure SAML Role Mapping

Hi All

I’m trying to integrate Ignition with MS Azure’s SAML interface and generally have it working but I cannot get the roles to map over. The SAML tokens come back with the group info formatted like so:

    <Assertion ...
            <Attribute Name="">

I came up with the following expression for the role mapping expression:


But it doesn’t work, I get the following error:

Invalid reference ‘mult-attribute-source:authnResponse:/saml2p:Response/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name=“”]/saml2:AttributeValue/text()’ in expression tag ‘null’

I may be missing something obvious, but I can’t figure out what the issue is. Does something jump out at anyone else?

Looks like a simple typo:

Change {mult-attribute-source: to {multi-attribute-source: (the i at the end of multi)

Thanks! This worked, note that the documentation has it without the “i”:

1 Like

Glad you got it working. I suspected that the typo might be in the docs, and a simple copy-paste error was at play. I notified someone who manages those pages and they will be fixing the typo soon.