How does attribute mapping in AWS SSO apps work with Azure usernames?

Time:10-17

I am creating an EUC Dashboard in AWS by following this tutorial. To log in to the dashboard, you're supposed to link SSO and Cognito. Unfortunately, my environment differs from the one in the tutorial:

My user management runs on Microsoft Azure and AWS SSO checks Azure for authentication. The users only have a username (in the form of an email), not an email. In the tutorial (at Module 2, Step 4, §18), attribute mapping for the SSO application is done by mapping ${user.email} to this schema: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress.

I instead want to map my usernames.

I have read through the AWS documentation for attribute mappings but that isn't enough for me to work this out.

How do I make this work for my setup?

CodePudding user response:

As your usernames are in an email format, you can still use the emailaddress claim schema for your user attribute mapping - there'll be no issues.

The only note is to ensure that the correct field is used for mapping, e.g. ${user.username} in this case instead of ${user.email}.
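
Added example (not part of the original answer or the AWS tutorial): a small check to confirm, after changing the mapping, that the SAML response sent to Cognito actually carries the emailaddress claim with an email-shaped value. It assumes you have copied the base64 SAMLResponse form field from your own test login; the function names and the sample response are constructed for illustration.

```python
import base64
import re
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
EMAIL_CLAIM = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
EMAIL_SHAPE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def claim_values(saml_response_b64, claim_name=EMAIL_CLAIM):
    """Return every value of one attribute in a base64 SAMLResponse.

    Debugging aid only: it does not verify the response signature.
    """
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    values = []
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        if attr.get("Name") == claim_name:
            values += [(v.text or "").strip()
                       for v in attr.iterfind("saml:AttributeValue", NS)]
    return values


def check_email_claim(saml_response_b64):
    """Classify the emailaddress claim: ok, missing, multiple, not-email-shaped."""
    values = claim_values(saml_response_b64)
    if not values:
        return "missing"           # mapping not applied, or source field absent
    if len(values) > 1:
        return "multiple"          # ambiguous identity for the service provider
    return "ok" if EMAIL_SHAPE.match(values[0]) else "not-email-shaped"


def build_sample_response(value, name=EMAIL_CLAIM):
    """Constructed, unsigned sample response used only to exercise the check."""
    xml = (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion>'
        f'<saml:AttributeStatement><saml:Attribute Name="{name}">'
        f'<saml:AttributeValue>{value}</saml:AttributeValue>'
        '</saml:Attribute></saml:AttributeStatement>'
        '</saml:Assertion></samlp:Response>'
    )
    return base64.b64encode(xml.encode()).decode()


if __name__ == "__main__":
    for sample in ("jane.doe@example.com", "jdoe", ""):
        print(repr(sample), "->", check_email_claim(build_sample_response(sample)))
```

A result of "missing" or "not-email-shaped" points at the mapped source field being empty or not holding the email-format username for that user.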
