When creating a new realm or updating an existing one, users with the ADMIN role can access a section called Profile mappers.
The Profile mappers section allows ADMIN users to:
- Manage user accounts with JavaScript (defining a user's roles, groups, tags, and search preferences)
- Define mappings between user accounts on an authentication system (SSO), and user accounts on a Fluid Topics portal.
- Make HTTP requests to request, submit, or delete information from an external domain.
The script defined in the Profile mappers assistant drawer runs when a user logs on the portal.
Pressing Control + Space or Control + i displays inline help for the configuration assistant. Fluid Topics also automatically suggests available methods when entering a dot.
- When running the configuration assistant, it is necessary to have the email address of an existing user on hand.
- All the properties available to use with the
attributesobject are listed in the All available profile properties drawer. - Calling a function using an undefined variable leads to an error.
- When configuring search preferences, defining a JavaScript function is the only mapping method available.
- To increase security when getting information from an external server, it is possible to configure client certificates for mutual TLS (mTLS) authentication.
- To prevent privilege escalation and conflict with email addresses mapped in the profile mapper, email addresses manually entered by an end user are not taken into account for the
user.emailvariable. This applies to all realms except the internal realm.