...
Name | Type | Default | Description |
---|---|---|---|
oidc.name | String | | The claim name to map to and from (if absent, the IdPAttribute's id is used) |
oidc.asArray | Boolean | false | Encodes and decodes multiple values as a JSON array |
oidc.asInteger | Boolean | false | Encodes and decodes individual values as a JSON integer |
oidc.asBoolean | Boolean | false | Encodes and decodes individual values as a Boolean |
oidc.stringDelimiter | String | <space> | Encodes and decodes multiple values as a string with a specified delimiter |
oidc.nameFromSamlMetadata (4.1) | Boolean | false | The claim name may be set in the SAML metadata |
SAML metadata-driven claim name
Since OP v4.1, the claim name may be set through SAML metadata. If the OIDC transcoder property oidc.nameFromSamlMetadata is set to true, the metadata tag http://shibboleth.net/ns/attributes/naming/oidc can be used with a value following the pattern <id> <name> to set a custom name for the claim.
Below is an example snippet of SAML metadata for test_rp that configures the claim name eppnNewNameForTesting for the attribute with ID eduPersonPrincipalName:
```xml
...
<md:EntityDescriptor entityID="test_rp">
  <md:Extensions>
    <mdattr:EntityAttributes>
      <saml:Attribute Name="http://shibboleth.net/ns/attributes/naming/oidc"
                      NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
        <saml:AttributeValue>eduPersonPrincipalName eppnNewNameForTesting</saml:AttributeValue>
      </saml:Attribute>
...
```
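Because a metadata-driven rename changes which claim name a relying party receives, it is useful to list these overrides when reviewing metadata. The following Python script is an added example, not code from the original page or from the Shibboleth project: it extracts every `<id> <name>` value under the naming tag and reports malformed or conflicting entries. It assumes a value is exactly two whitespace-separated tokens; `claim_name_overrides` and `SAMPLE_METADATA` are hypothetical names, and the sample document is constructed.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "mdattr": "urn:oasis:names:tc:SAML:metadata:attribute",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
OIDC_NAMING_TAG = "http://shibboleth.net/ns/attributes/naming/oidc"

# Constructed sample: the page's excerpt completed into well-formed XML, plus
# one malformed value ("mail", no claim name) to exercise the error path.
SAMPLE_METADATA = """\
<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <md:EntityDescriptor entityID="test_rp"><md:Extensions><mdattr:EntityAttributes>
    <saml:Attribute Name="http://shibboleth.net/ns/attributes/naming/oidc"
        NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
      <saml:AttributeValue>eduPersonPrincipalName eppnNewNameForTesting</saml:AttributeValue>
      <saml:AttributeValue>mail</saml:AttributeValue>
    </saml:Attribute>
  </mdattr:EntityAttributes></md:Extensions></md:EntityDescriptor>
</md:EntitiesDescriptor>
"""

def claim_name_overrides(metadata_xml):
    """Return ({entityID: {attribute_id: claim_name}}, problems)."""
    # Assumption: a value is two whitespace-separated tokens, "<id> <name>".
    # Use a hardened parser (e.g. defusedxml) for metadata you do not control.
    root = ET.fromstring(metadata_xml)
    overrides, problems = {}, []
    path = "md:Extensions/mdattr:EntityAttributes/saml:Attribute"
    for entity in root.iter("{%s}EntityDescriptor" % NS["md"]):
        entity_id = entity.get("entityID")
        for attr in entity.findall(path, NS):
            if attr.get("Name") != OIDC_NAMING_TAG:
                continue
            for value in attr.findall("saml:AttributeValue", NS):
                parts = (value.text or "").split()
                if len(parts) != 2:
                    problems.append((entity_id, "expected '<id> <name>'", value.text))
                    continue
                attr_id, claim = parts
                known = overrides.setdefault(entity_id, {})
                if known.get(attr_id, claim) != claim:
                    problems.append((entity_id, "conflicting names", value.text))
                    continue
                known[attr_id] = claim
    return overrides, problems
```
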
Transcoder Types
There are 3 built-in types of OIDC transcoders, as follows. Each one is predefined as a Spring bean for use in rules using the "short" name of the transcoder as shown.
...