Configure SSO: Map Attribute Statement Tags
The mapping feature allows EnterWorks to recognize attribute statement tags in the IDP's response that are different than what EnterWorks expects. To configure EnterWorks to recognize the new statement tags:
- Create a JSON file that maps the attribute statements EnterWorks is looking for
to the tags the IDP is using. The JSON file must be
named:
and must be located in:sso-mappings.json<drive>:\Enterworks\enable2020\services\sso-mappings\ - The
sso-mappings.jsonfile has five key:value pairs:{ "login": "login", "firstName": "firstName", "lastName": "lastName", "email": "email", "groups": "groups" } - The key is what EnterWorks is looking for. Replace the value with the tag the
IDP is using. For example, if the IDP is using the "
email" tag as the login value, thesso-mappings.jsonfile would have a key:value pair of"login": "email"as shown below.{ "login": "email", "firstName": "firstName", "lastName": "lastName", "email": "email", "groups": "groups" } - The
sso-mappings.jsonfile only needs to contain key:value pairs for the attribute statement tags that are different from what EnterWorks is searching for. For example, if the IDP is using the "email" tag as the login value but the rest of the attribute statements are tagged as expected, thesso-mappings.jsonfile could only have the key:value pair for"login": "email"as shown below.{ "login": "email" } - The
create-<service-name>-service.cmdscripts should exist in the following folder. If they do not, create the create-service scripts.<drive>:\Enterworks\enable2020\services\install - Edit the
create-enable-web-server-service.cmdfile:- Set the
ssoMappingConfigparameter to indicate the location of thesso-mapping.jsonfile:-ssoMappingConfig=<drive>:\Enterworks\enable2020\services\sso-mappings\ - Save the script.
- Use the script.
- Set the