cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Zoom User Group SAML Response Mapping Advanced

MattMoffat
Newcomer
Newcomer

‎2024-03-17 11:11 AM

I am working on setting up SAML response mapping to assign users to user groups using the advanced response mapping feature of the saml integration. What I am wondering, is if there is an 'all else' or a 'not' identifier.

 

My specific example:

I want to split all users into AI Enabled group or AI Not Enabled groups. I have a SAML attribute that we use across multiple platforms for AI Enablement called "AIEnablement." It is a multi string value. If the string contains Zoom, I want the user in the AI Enabled group in Zoom. If it DOESN'T contain zoom, then I want them in the other group. 

So is there a way to either use the "Value Contained" section of the SAML information mapping to say Not:'Zoom'? If so, how would I format that?

My other thought was, in place of that, could I set a group to be all member EXCEPT those contained in X user group?

Any and all advice and thoughts are appreciated.

Topics:
5 REPLIES 5

colegs
Community Champion | Employee
Community Champion | Employee

‎2024-03-18 07:53 PM

@MattMoffat if you scroll to the bottom of the mapping section, below advanced mapping, there is a section for SAML Auto Mapping.  You can enter default values here for what to use if nothing matches in the advanced mapping section.  

 

Unfortunately, there is not a "Not" option, but I will say that the logic will search for values that contain the data you enter.  Therefore, if you want to assign all users who are in a "Not AI" department to the no AI group, entering "Not AI" would capture "IT - Not AI" and "MArketing - Not AI" in the same statement.

 

RaiRe22
Newcomer
Newcomer

‎2024-10-21 10:58 AM

I want to assign a specific User Group if a specific attribute name is returned. It asks me for an attribute value but is there a way to put a non null, if exists or regular expression like .+ in the attribute value field ?

0 Likes

colegs
Community Champion | Employee
Community Champion | Employee
In response to RaiRe22

‎2024-10-21 02:56 PM

I have not tried it, but the Advanced SAML Mappings use 'Like' logic to determine if an attribute value has the characters anywhere in the string that is passed.  With that in mind, if you leave the attribute value blank, I wonder if it would catch it if the attribute is passed and fail if the attribute is not passed.

0 Likes

RaiRe22
Newcomer
Newcomer
In response to colegs

‎2024-10-22 06:30 AM

Unfortunately we are not able to let the attribute value field empty.

0 Likes

RaiRe22
Newcomer
Newcomer

‎2024-10-22 11:42 AM

I was not aware that Advanced SAMP Mapping use "Like" logic so I find a work around with the email. If it's a subdomain (.subdomain.) then it's an employee otherwise it's a student.