Getting "attribute is missing in the assertion or not mapped properly." Error
Issue
While configuring SAML, I am getting the "<Attribute Name> attribute is missing in the assertion or not mapped properly." error.
Resolution
1. Check the Attribute Name Value
This can be done via:
- Logs:
- In the MI app: access Admin > System > System Variables
- Enable SAML_ASSERTION_ATTRIBUTES_LOGGING
- Check the logs under the path
/opt/mi/iv/data/temp/samlinside thewebcontainer:-
Attribute Name in the logs must exactly match the value in
/opt/mi/external_config/saml.php
-
Attribute Name in the logs must exactly match the value in
- Chrome DevTools:
- Add the SAML extension to the Chrome DevTools
- Inspect the SAML response, find the Attribute Name
- Compare the Attribute Name with the value in
/opt/mi/external_config/saml.php, an exact match is required
2. Ensure That Attribute Name in Assertion and in saml.php are Equal
Contact the IdP admin to edit the Attribute Name in Assertion, or edit the saml.php file to match the Attribute Name value provided in Assertion.