Currently this cannot be done with WSO2 Identity Server. All the roles are returned as a comma-separated list in the single "http://wso2.org/claims/role" attribute.
WSO2 Identity Server - configure roles as separate attribute
13-07-2023
Question
By default, WSO2 IDP returns the roles as follows:
manager,Internal/identity,Internal/everyone
Is it possible to configure the IDP to return the roles as separate attributes, as shown below?
<saml2:Attribute Name="http://wso2.org/claims/role">
<saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xs:string">manager</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute Name="http://wso2.org/claims/role">
<saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xs:string">Internal/identity</saml2:AttributeValue>
</saml2:Attribute>
<saml2:Attribute Name="http://wso2.org/claims/role">
<saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xs:string">Internal/everyone</saml2:AttributeValue>
</saml2:Attribute>
Solution
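Because the roles arrive as one comma-separated value, the service provider has to split them before making authorization decisions. The following is an added example, not part of the original question or answer and not WSO2 code: it parses either shape (combined or one attribute per role) into a set and checks roles by exact match. The function names, the `urn:oasis:names:tc:SAML:2.0:assertion` namespace binding for `saml2`, the "," separator and the sample statements are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

SAML2 = "urn:oasis:names:tc:SAML:2.0:assertion"
ROLE_CLAIM = "http://wso2.org/claims/role"

def build_statement(*attribute_values):
    """Build a constructed AttributeStatement: one role Attribute per argument."""
    attrs = "".join(
        f'<saml2:Attribute Name="{ROLE_CLAIM}">'
        f"<saml2:AttributeValue>{v}</saml2:AttributeValue></saml2:Attribute>"
        for v in attribute_values
    )
    return f'<saml2:AttributeStatement xmlns:saml2="{SAML2}">{attrs}</saml2:AttributeStatement>'

# Constructed samples: the combined form from the answer, the per-role form from the question.
COMBINED = build_statement("manager,Internal/identity,Internal/everyone")
SEPARATE = build_statement("manager", "Internal/identity", "Internal/everyone")

def extract_roles(statement_xml, separator=","):
    """Return the set of role names, whichever of the two shapes was sent.

    Assumes the assertion signature was already validated by the SAML library
    and that no role name contains the separator (assumed to be ",").
    """
    roles = set()
    root = ET.fromstring(statement_xml)
    for attr in root.iter(f"{{{SAML2}}}Attribute"):
        if attr.get("Name") != ROLE_CLAIM:
            continue  # ignore every claim except the role claim
        for value in attr.iter(f"{{{SAML2}}}AttributeValue"):
            for part in (value.text or "").split(separator):
                if part.strip():
                    roles.add(part.strip())
    return roles

def has_role(statement_xml, required):
    """Exact, case-sensitive match on a parsed role, never a substring test on the raw value."""
    return required in extract_roles(statement_xml)

if __name__ == "__main__":
    print(sorted(extract_roles(COMBINED)))
    print(has_role(build_statement("submanager,Internal/everyone"), "manager"))
```

A substring test on the raw attribute value would accept "submanager" as "manager"; comparing against the parsed set avoids that.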
Licensed under: CC-BY-SA with attribution