Generally speaking, a service provider (SAML or WSFED) will ask the identity provider, i.e. DualShield, to return some specific attributes upon successful user authentication.
In the DualShield Admin Console, find the Service Provider, e.g. "ADFS".
In the context menu of the service provider, select "Edit", then click the "Attribute" tab
Click the "Create" button to add a new attribute
Change the "Location" of the attribute to be placed. Normally, it is in the "HTTP Body"
Enter the name of the attribute that the service provider expects, e.g. "email"
Select the "format" of the attribute
Finally, specify the value of the attribute
The value of an attribute can be obtained in one of the following 3 ways
- Maps to an identity attribute
- A fixed valued
- Computed by a script
Typically, an attribute is mapped to an identity attribute, e.g to an AD attribute
