Skip to content

Attribute Mapping

Application attributes contain descriptive information about the individual users. Each attribute has a label and one or more values associated with it.

Note: Satori automatically provisions the following attributes:

  • First Name
  • Last Name
  • Email Address
  • Manager ID
  • Groups

Customize Attribute Mapping for Okta

  1. To add additional attributes to your SCIM provisioning, follow the Okta instructions here.

  2. Map your attributes to the specific Satori namespace: urn:ietf:params:scim:schemas:extension:satoricustom:2.0:User:FIELDNAME where FIELDNAME is the desired and existing attribute you wish to map.

Customize Attribute Mapping for Azure

Perform the following steps in Azure to allow synchronization of additional attributes from Azure to Satori:

  1. Map the desired user attribute field using the Azure attribute mapping.

  2. Map your attributes to the specific Satori namespace: urn:ietf:params:scim:schemas:extension:satoricustom:2.0:User:FIELDNAME where FIELDNAME is the desired and existing attribute you wish to map.

  3. Because this area of Azure is deeply nested and difficult to find in their UX, we have provided a short tutorial video on this subject.

  4. Once you follow these steps, the next time your SCIM provisioning runs, the new fields will show up in the user profiles in Satori.

  5. More information on this Azure subject can be found here

Adding Satori Control Attributes

Satori control attributes allow Satori to manage control access for varification of the users identity.

To enable this feature perform the following:

Map your control attributes to the specific Satori namespace: urn:ietf:params:scim:schemas:extension:satoricontrolattributes:2.0:User

The following attibutes can be utilized by Satori to provide you with the ability to authenticate users in addition to the email address.

Optional Aliases Attibute

These aliases are used by Satori to identify the user when logging in to the datastore using an alias.

Key: aliases

Type: string array

For Example

["alias1","alias2"]

Optional RAW Aliases Attibute

If your IdP does not allow you to map under the namespace an attribute with a string array type you can map aliases to a comma separated string.

Key: rawAliases

Type: string

For Example

“alias1,alias2,alias3”

NOTE: If you define both types of aliases (aliases & rawAliases) under the namespace then the aliases key attribute will take precedence.