on 12-02-2023 12:00 AM
We are using a corporate IdP as the default IdP for application users and have successfully configured the system to allow SSO for our application. However, the User Name field in the subaccount is displaying a GUID value instead of the value we'd like to see. We've successfully used the Enrich Token Claims for the OpenID connect config that updates the email the way we'd like but cannot figure out how the User Name field gets is value. Does anyone know the proper claim (Azure AD) to map to or possibly a different way to achieve this? 2023-12-01-15-58-16.jpg
have you checked following SAP note: 3014151 - First Name, Last Name and E-mail are not correctly displayed in BTP Cockpit or populated i... -> "In addition, the Subject Name ID is mapped to "user_name" ..
so which attribute are you using for Subject Name Identifier? looks like something, like UUID or Global User ID. So you might switch you SNI in the XSUAA application in IAS to email (or what's coming from your corp IDP depending on your config -> See Configure the Subject Name Identifier Sent to the Application | SAP Help Portal )
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks, Marco. That SAP note hint did the trick. We needed to turn on Federated Identity and use the advanced config to set the proper subject name identifier. Then back tracked and set the proper Attributes to map the First, Last, and Email (as we lost the implicit mapping with these changes). But, we now have all fields in the sub account populating properly.
Appreciated the helpful suggestions from both of you.
Not sure how to mark your response as a good answer...
User | Count |
---|---|
77 | |
9 | |
9 | |
7 | |
7 | |
6 | |
6 | |
5 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.