A new mellon setting named A2_ATTRIBUTE_MAPPING must be used, whose syntax is:
MELLON_A2_ATTRIBUTE_MAPPING = [
{
'attribute': 'email',
'saml_attribute': 'mail', # value from the Name attribute of the saml:Attribute node
'mandatory': True, # optional boolean, if True and attribute is missing, SSO will be refused
},
]
To test it, you could add to your settings:
A2_AUTH_SAML_ENABLE = True
MELLON_IDENTITY_PROVIDERS = [
{
'METADATA_URL': 'https://cresson.entrouvert.org/idp/saml2/metadata',
}
]
MELLON_ATTRIBUTE_MAPPING = {
'email': '{attributes[email][0]',
'first_name': '{attributes[first_name][0]}',
'last_name': '{attributes[last_name][0]}',
}
Requirement is that your IdP is sending 3 attributes named, email, first_name
and last_name.