Skip to main content

How to add custom claim mapping for Single Sign On (SSO)

Mike Smithers
Updated

In this article, we will show you how to set up custom claim mapping for Single Sign On (SSO). Typically you might want to add custom claims where the username identifier you are using does not directly match the username identifier required for Kallidus to authenticate you.

There are 2 scenarios to consider:

Most customers do not need to create custom claims. This is only necessary if you use a custom identifier (which is quite rare).  

Set up custom claims where you manage and edit them yourself

By default, Kallidus will match on preferred username. This section will give instructions on how to edit this if it does not match.  You will need to add a custom attribute to the claims with the name "https://www.kallidus.com/username".  

This section includes details for:

Microsoft Azure

These steps need to be undertaken in Microsoft Azure by your IT team. We assume the Kallidus configuration is already set, and you are creating a custom claim for this:

  1. Go to 'Enterprise applications' and find the Kallidus configuration, which should already be set up 
  2. Select the 'Single Sign-on' option from the left-hand menu: AddandManageUsers_Azure_SSO.png
  3. Select 'Edit' in the Attributes and Claims section: AddandManageUsers_Azure_SSO_EditAttributesClaims.png
  4. Add a new claim.  The name of the claim is https://www.kallidus.com/username: AddandManageUsers_Azure_SSO_AssNewClaim.png
  5. Add the Source. Here, you need to add the value you wish to use. It needs to match the username field in the Kallidus suite: AddandManageUsers_Azure_SSO_EditAttributesSource.png
  6. Select 'App registrations', locate the Kallidus configuration in the list and highlight it
  7. Select the Manifest option from the menu in the left panel
  8. Change 'AcceptmappedClaims' to True: AddandManageUsers_Azure_SSO_AcceptMappedClaim.png

Google Workspace

  1. Go to 'Apps'
  2. Go to 'Web and mobile apps: AddandManageUsers_GoogleWorkspace_Wenandmobileapps.png
  3. Select and open the app you have created to link with Kallidus: AddandManageUsers_GoogleWorkspace_Kallidusapps.png
  4. Select to expand the SAML attribute mapping section
  5. Select to 'Add Mapping': AddandManageUsers_GoogleWorkspace_AddMapping.png
  6. Select the directory field which maps to your username in the Kallidus platform 
  7. Under App attributes, add https://www.kallidus.com/username
  8. Save your changes

Set up custom claims where they are fixed and cannot be changed 

Information is coming soon! 

We are working on the ability to map claims within the Kallidus identity platform.  This will allow you to map claims of your choice to a defined list of claims within Kallidus.  

Get deeper learning in The Academy

The Academy is your learning hub for Kallidus products, including live events, eLearning videos, and more. If you're new to The Academy or know someone who is missing out on free learning, contact your Customer Experience Manager or the Support Team to sign up today.

Discover the latest insights, tips and industry news on the Kallidus blog.

Related articles