Support » Plugin: WP SAML Auth » “mail” attribute is expected, but missing, in SAML response.

  • Resolved chibao

    (@chibao)


    Hello everyone,
    I’m currently learning how to setup an SAML IDP (SimpleSAMLPHP) and SAML SP (WordPress). Currently I still can’t login to the WordPress, it keep saying: “”mail” attribute is expected, but missing, in SAML response.”
    I believe it is related to attribute, and metadata. But I still can’t firgue out how to fix it.

    Here is the saml20-sp-remote.php file:

    $metadata['https://xyz.com'] = [
        'AssertionConsumerService' => 'https://xyz.com/wp-login.php',
        'SingleLogoutService' => 'https://xyz.com/',
        'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
        'simplesaml.nameidattribute' => 'mail',
        'simplesaml.attributes' => true,
        'attributes' => array('mail', 'cn', 'uid'),
    ];

    Here is the AuthData from SimpleSAMLPHP demo:

    {
        "Attributes": {
            "uid": [
                "john"
            ],
            "cn": [
                "John Doe"
            ],
            "mail": [
                "johndoe@abc.com"
            ],
            "password": [
                "1@^%&!()S(Ae8912938192839t9ăw9389812938"
            ]
        },
        "AuthnInstant": 1601778090,
        "Expire": 1601806890
    }

    Here is the attribute mapping configs:

    user_login => uid
    user_mail => mail
    display_name => cn
    first_name => cn
    last_name => ''

    Thank you for taking your time to help me. If you need any further information, just let me know!

Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.