Mapping operator information for a SAML SSO authentication service
To enable the login process to authenticate the requestor, specify the attribute returned in the identity provider's SAML assertion that corresponds to the Pega Platform operator ID. You can also map other attributes from the SAML assertion to selected properties and pages that are used by your preauthentication and postauthentication activities or by other Pega Platform features such as access control policies.
- Open the authentication service and in the SAML 2.0 tab, navigate to the Operator identification section.
-
In the
Map operator id from
section, select one of the
following.
- Name identifier in the subject
- Attribute, then specify the attribute
- Optional:
On the Mapping tab, map the attributes from the login process
to properties and pages that are used by your preauthentication and postauthentication
activities or elsewhere in Pega Platform.
-
You can use the following properties and pages in the Map
from field. You can also reference custom properties and pages that are
used in a login flow, and you can use the Expression Builder to specify expressions.
Page or property name Description pxRequestor The requestor page. D_SAMLAssertionDataPage The SAML assertion. -
You can use the following properties and pages in the Map
to field. You can also reference custom properties and pages that are
used in a login flow.
Page or property name Description OperatorID The operator ID. D_pyOperatorAttributes Requestor-scoped data page for caching operator attributes. D_pyOperatorDeviceInformation Requestor-scoped data page for caching operator device information.
-
You can use the following properties and pages in the Map
from field. You can also reference custom properties and pages that are
used in a login flow, and you can use the Expression Builder to specify expressions.
- Click Save.