SAML response from Google Workspace- Picture field ??
-
Hi, we are using the SAML2 IdP, to federate the authentication to Google Workspace where it maintains the user's organizational information, however in the SAML Response attributes the profile image field is not present. How can we get the url of the image?
-
Thanks for the question. If I am understanding correctly, if you are expecting a certain attribute to be returned in an AuthN response, this would require additional configuration on the part of Google. Is there a configuration tool on that side to add an additional attribute to be sent in an AuthN response?
Thanks,
Josh -
hi @joshua , we need a special attribute from Response SAML of Google Workspace, the URLImage profile.
Since, on the contrary, the Google IdP that uses fusionAuth incorporates basic user information into its Scope (with the profile urlImage), however it does not contain organizational information.
-
@leandro-menagonzalez Sorry - I was traveling for a bit and then under the weather.
Were you able to resolve this?
If not, my understanding is that this would be a mapping problem. Essentially, Google would have to be instructed to send over a profile pic url, and FusionAuth would consume that in the AuthN response. Further, a reconcile lambda can be used to grab this URL attribute and store on the user, etc. Let me know if I am misunderstanding the issue.
Josh
