User attributes

In order for Enterprise Application Access (EAA) applications to allow authentication by EAA as the SAML identity provider, the application needs information about the user. This information is known as user attribute declarations. User attributes are name-value pairs that include a title for the attribute and the user attribute code. The user attribute code is identifying information that is used by both the EAA application or service provider (SP) and the native application’s code to authenticate a user. The required user attributes vary and depend on the native application’s requirements for authentication. While the EAA IdP prepopulates common attributes by default, you can specify custom attribute declarations. For example, you may want an application to use and attribute such as Employee Type validate and authorize a user.

You create user attributes in the EAA Management Portal from System > Settings > User Attributes. These user attributes appear in the Configure Directory menu of an EAA directory. User attributes are available for the Active Directory (AD) and Open LDAP directory types.

You map user attributes to EAA and your Active Directory (AD) or Open LDAP in the EAA Management Portal from Identity > Directory > Configure Directory (gear) icon > User Attributes.

Next, Create user attributes in EAA, Map user attributes of the directory or Map custom LDAP user and group attributes to the EAA directory.