Capture attributes assigned in Azure AD from a CAP application

satya-dev
Participant
0 Kudos

Hi All,

I am struggling to capture a property that should flow from Azure AD to BTP. I want to read this property in my CAP application. I can see this property in the SAML trace and in XSUAA ../support.jsp. The property doesn't even exist in the JWT token or in any user attributes. I checked the blogs below but no luck.

https://blogs.sap.com/2022/08/26/sap-btp-security-how-to-handle-authorization-and-attributes-2-with-...

https://answers.sap.com/questions/13926364/provision-users-groups-from-azure-to-ias-via-ips.html

https://answers.sap.com/questions/13909115/sap-cap-how-to-read-user-attributes-in-node-js.html

Accepted Solutions (0)

Answers (1)


gregorw
Active Contributor

Have you checked: XSUAA-based Authentication? It mentions:
"Authentication kind xsuaa is a logical extension of kind jwt that additionally offers access to SAML attributes through req.user.attr (for example, req.user.attr.familyName)."

martinfrick
Product and Topic Expert

I agree with gregorw, this should work respectively. Eventually, you might need to map the respective SAML attributes in your XSUAA role collection. Also check out the following question, which might provide further guidance.

https://answers.sap.com/questions/13899191/cap-authorization-unable-to-retrieve-user-attribut.html

The only limitation I am aware of is the fact that in Node.js, user attributes cannot be used as part of @cds.on.insert and similar definitions of your CDS model, but you should still be able to access them as part of your custom handlers.

satya-dev
Participant
0 Kudos
@gregorw, after mapping BTP attributes to AD attributes I am able to get.
satya-dev
Participant
0 Kudos
@gregorw, thanks!! After mapping BTP attributes to AD attributes I am able to get it. But in the token, attr is missing; only limited information is available. I think XSUAA is trimming the token and accepting only mapped properties. Sometimes we need the entire SAML data. How can we achieve this? Any suggestions?
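
For troubleshooting the attribute flow discussed in this thread, here is an added example (not part of the original posts and not SAP's code): a Node.js diagnostic that reports which attributes declared in `xs-security.json` actually arrived in the token's `xs.user.attributes` claim, where XSUAA places mapped user attributes. The application name, attribute names and token are constructed sample values; the payload is decoded without signature verification, so the output is for diagnosis only and never a basis for authorization.

```javascript
// Diagnostic only: decodes a JWT payload WITHOUT verifying the signature.
// Authorization decisions must rely on the validated token (CAP / XSUAA libraries).

// Decode the payload (second segment) of a compact JWT.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
}

// Compare the attributes declared in xs-security.json with the ones
// present (non-empty) in the token's "xs.user.attributes" claim.
function checkAttributes(xsSecurity, token) {
  const declared = (xsSecurity.attributes || []).map((a) => a.name);
  const inToken = decodeJwtPayload(token)['xs.user.attributes'] || {};
  const present = {};
  const missing = [];
  for (const name of declared) {
    const values = inToken[name];
    if (Array.isArray(values) && values.length > 0) present[name] = values;
    else missing.push(name); // declared but not mapped, or IdP sent no value
  }
  return { present, missing };
}

// Constructed xs-security.json excerpt (names are assumptions for illustration).
const xsSecurity = {
  xsappname: 'demo-app',
  attributes: [
    { name: 'department', valueType: 'string' },
    { name: 'costCenter', valueType: 'string' },
  ],
};

// Constructed sample token: only "department" was mapped in the role collection.
const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
const sampleToken = [
  enc({ alg: 'RS256', typ: 'JWT' }),
  enc({ user_name: 'jane@example.com', 'xs.user.attributes': { department: ['IT'] } }),
  'constructed-signature',
].join('.');

console.log(checkAttributes(xsSecurity, sampleToken));
```

An attribute reported under `missing` points at the role collection mapping or at the SAML assertion, not at the CAP handler.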