Closed piejanssens closed 3 months ago
Dear Pieter,
thanks a lot for reaching out. We'll analyze the issue and get back to you soon.
Best regards
Frank
Hi Peter,
we have now had a look at your issue.
Basically, adding the additional parameter to the destination seems to be correct as you described it.
However, the additional parameter only works if the attribute is part of the data in the XSUAA (aka SAP UAA) service. If so, it will already be in the assertion as long as the user token has the additional user_attributes scope. If it is not known to XSUAA, it cannot be part of the assertion.
For more information see also:
https://help.sap.com/docs/connectivity/sap-btp-connectivity-cf/consuming-destination-service?q=xsuaa https://help.sap.com/docs/connectivity/sap-btp-connectivity-cf/user-propagation-via-saml-2-0-bearer-assertion-flow?q=user_attributes%20scope
Best regards Frank
Hi Frank,
I appreciate the clarification. In our use case, we are using the "systemUser" attribute so no UAA data coming in. I'll do some tests using a JWT containing the user_attributes instead.
Best regards,
Pieter
Issue description
I want to have a destination of the type OAuth2SAMLBearerAssertion that requires a custom SAML attribute. This is required to request a learning-only user OAuth access token from the SuccessFactors OAuth token server (see bottom https://help.sap.com/docs/SAP_SUCCESSFACTORS_PLATFORM/2abbb39286994389bb0f1f4418773a7c/4e27e8f6ae2748ab9f23228dd6a31b06.html).
From the documentation it is not clear to me how I can add an "additional property" in the destination.
I tried adding a combination of the properties below, but it's not working as expected and it's not clear that this would be indeed the way to do this.
Feedback Type (Optional)
clarity
Page Title on SAP Help Portal (prefilled)
SAML Assertion Authentication
Page URL on SAP Help Portal (prefilled)
https://help.sap.com/docs/connectivity/sap-btp-connectivity-cf/saml-assertion-authentication