SAML Profile Retrieval - Fluid Topics - 3.7

Fluid Topics Integration Guide

Operating system: Debian
Category: Reference Guides
Audience: public
Version: 3.7

SAML identity providers usually provide some information about the authenticated user.

When users authenticate through SAML for the first time, a Fluid Topics account is created. This account is associated with their authentication identifier and is used each time they authenticate in the future.

Fluid Topics retrieves as much information as possible from the SAML response.

SAML responses embed two types of user information:

  • the NameID (the user identifier). Fluid Topics requires it to be present.
  • the AttributeStatement that contains a set of attributes. A SAML attribute is composed of a name and a set of string values.

To create an account, Fluid Topics requires the following user information from the SSO response:

  • Unique Identifier (Required): used to find the corresponding account. Must be the same each time users get authenticated.
  • User Name (Required in the user Profile although optional in the SSO): full name of the user.
  • User Email Address (Required in the user Profile although optional in the SSO): email address used by the user.
  • Set of Groups (Optional): values are the names of groups the user belongs to.
  • Set of Roles (Optional): values are the role identifiers.

If the User Name and User Email fields cannot be retrieved from the SSO response, the user is prompted for them before the account can be used.
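
An added example (not Fluid Topics code) showing how the NameID and AttributeStatement of a SAML assertion map onto the profile fields listed above, and which fields the user would have to be prompted for. The attribute names in `MAPPING`, the sample assertion, and the use of the NameID as the unique identifier are assumptions; the assertion's signature is assumed to have been validated before this step.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Assumed attribute names: the page does not say which names are mapped.
MAPPING = {"name": "displayName", "email": "mail",
           "groups": "memberOf", "roles": "roles"}

# Constructed sample assertion (unsigned; email and roles omitted on purpose).
SAMPLE_ASSERTION = """
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject><saml:NameID>jdoe@example.test</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="displayName">
      <saml:AttributeValue>Jane Doe</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="memberOf">
      <saml:AttributeValue>support</saml:AttributeValue>
      <saml:AttributeValue>docs-readers</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""

def extract_profile(assertion_xml, mapping=MAPPING):
    """Map an already signature-verified assertion to the profile fields."""
    root = ET.fromstring(assertion_xml)
    # Fixed path from the assertion root: no deep search for a NameID.
    name_id = root.find("saml:Subject/saml:NameID", NS)
    if name_id is None or not (name_id.text or "").strip():
        raise ValueError("NameID missing: no account can be matched")
    attrs = {}  # attribute name -> list of non-empty string values
    for attr in root.iterfind("saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip()
                  for v in attr.findall("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name"), []).extend(v for v in values if v)

    def values_of(field):
        return attrs.get(mapping[field], [])

    profile = {
        "id": name_id.text.strip(),
        "name": next(iter(values_of("name")), None),
        "email": next(iter(values_of("email")), None),
        "groups": sorted(set(values_of("groups"))),
        "roles": sorted(set(values_of("roles"))),
    }
    # Name and email are optional in the SSO response but required in the profile.
    profile["prompt_user_for"] = [f for f in ("name", "email") if not profile[f]]
    return profile
```

Running `extract_profile` against a captured assertion from a test IdP shows, before rollout, whether first-time users will be asked to complete their profile.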