SAML: Choose value for login-attribute

  1. What is your original issue/pain point you want to solve?
    A custom attribute is used as a main identifier in SAML-SSO. (Keycloak used). This is automatically used as login in Zammad.

  2. Which are one or two concrete situations where this problem hurts the most?
    The custom attribute is cryptic and more readable login should be used.

  3. Why is it not solvable with the Zammad standard?
    Because the attribute that is used for mapping into the login-field is not configurable.

  4. What is your expectation/what do you want to achieve?
    Make the mapping configurable.

Your Zammad environment:

  • Average concurrent agent count: 3 digits
  • Average tickets a day: 1-2 digits
  • What roles/people are involved: Agents/Admins

I think “login variable” should be re-phrased to “login attribute” because I believe that’s what you’re talking about and thus technically does not really has to do anything with variables.

1 Like

Can you not use the nickname field, which is then used for the username?