Claims Mapping transformation
If you need to rename or reorganize claims and their associated values before sending them to the service provider, this transformation object allows you to do so. Essentially, the mapping ensures that the claim listed in the Source column is assigned the value from the Destination column.
The Transformation consists of five sections:
Claim Transformation Name: Give the Transformation object a name that will make it easy to recognize when adding to the Pipelines of Authentication and Protocol connections.
Culture: Since expression may be using and comparing numbers, it is important for the system to know what culture is used in order to know whether comma or dot indicates a decimal point. Currently only two cultures are supported, Danish (comma is decimal point) and American (dot is decimal point). These should cover the needs of other cultures in regards to this issue.
Owner Organization: The organization that the Claim Transformation is added to.
Execute before loading claims from local store: By default, a claim transformation rule is executed after claims from local store are loaded for a principal. Check this option to let it execute before the load.
Conditions: It is possible to specify that the Transformation object is only applied to a Pipeline given certain conditions of the token or user is in place, include:
- The option to skip the Transformation step when the token belongs or does not belong to a user identified as existing in the Safewhere Identify repository.
- The option to specify that the Transformation object is not applied when token is processed via specific Authentication Connection or Protocol Connection.
- The option to specify regular expressions that define which tokens are to be exposed to the transformation step. Please see the Using Regular Expressions in Claim Transformation Conditions section to learn more.
Claim Mapping: To add a new claim mapping item to the list, add the source and destination claims in the drop-downs and click the Add button. This adds it to the list below that. To remove a mapping you do not want, click the Remove button.
Copy claims instead of mapping: By default, the source is replaced by the destination on the issued claim list. When this check box is checked, both the source and the destination appear on the issued claim list.
Let claim types that are not specified in Source pass through this transformation step: By default, only claim mappings in this transformation are passed through. When this check box is checked, the claims that are not specified on the transformation are passed through.