IdP mapping sets
When you Add an IdP, a mapping set is automatically created for the IdP in Directory > Mapping Sets. It is prefixed with IDP Mapping. For example:
IdP mapping sets are used to create Users when JIT is enabled for the IdP, and there is a login via this IdP for which no account currently exists in HelloID.
To get started, Customize IdP mappings.
Each IdP mapping set has three sections: Change Attributes, Change Mappings, and Set Identifier:
Change Attributes (IdP mapping)
These are the attributes that HelloID expects the IdP to send. Only the attributes defined here are available on the Change Mappings screen.
When you click Edit for an attribute, the following settings are available:
- Display Name
Not used.
- Variable Name
The intermediary name of the attribute, which will be shown in the User column of the Change Mappings screen, in the next step. Typically should be the same as the Source Field.
- Source Field
The name of the attribute to pull from the IdP user schema.
- Data Type
The data type of the attribute.
- Required
Change Mappings (IdP mapping)
Here, you map attributes sent from the IdP (left column; defined on the Change Attributes screen) onto attributes in the HelloID user schema (right column).
Attributes from the IdP use the syntax {{user.<VariableName>}}, where <VariableName> is the Variable Name you defined for the attribute on the Change Attributes screen.
Attributes in the HelloID user schema use the syntax user.<VariableName> or user.attributes.<VariableName>, where <VariableName> is the name of the attribute that will be created in HelloID user objects. Top-level attributes (user.) are default attributes in the HelloID user schema. Attributes in the user.attributes. sub-object are Custom user attributes.
Set Identifier (IdP mapping)
The set identifier is the unique identifier which links IdP users to HelloID users.
Attributes from the IdP use the syntax {{user.<VariableName>}}, where <VariableName> is the Variable Name you defined for the attribute on the Change Attributes screen.
