NameID mapper scripting API

The NameID mapper script is a next-generation script and therefore has access to all the next-generation common bindings in addition to those described here.

Binding Description

Binding	Description
`hostedEntityId`	The entity ID for the hosted IdP.
`remoteEntityId`	The ID of the hosted SAML v2.0 entity.
`nameIDFormat`	The requested SAML v2.0 NameID format.
`session`	An instance of `ScriptedSession` representing the user’s single sign-on session object interface for information about SSO token and authentication information, as well as session-related properties. Only present when the session object passed by the SAML engine is an SSOToken. Retrieve session property values with the following `ScriptedSession` supported method: `public String getProperty(String name)`
`nameIDScriptHelper`	The `NameIDScriptHelper` binding provides the following supporting methods and constants for customizing the NameID value: Constants `NAMEID_FORMAT_TRANSIENT` `NAMEID_FORMAT_PERSISTENT` `NAMEID_FORMAT_UNSPECIFIED` `NAMEID_FORMAT_EMAIL` Methods `public String createNameIdentifier()` `public String getNameIDValue() throws SAML2Exception` `public boolean shouldPersistNameIDFormat()` `public String getNameIDFromSession()` Always present.
`identity`	An instance of `ScriptedIdentityScriptWrapper` representing a scriptable implementation of an identity. The `identity` binding is derived from the session, so it’s only present if the `session` object is. The `identity` object will also be missing if PingOne Advanced Identity Cloud throws an exception during its creation. If this happens, PingOne Advanced Identity Cloud records an entry in the logs.

hostedEntityId

The entity ID for the hosted IdP.

remoteEntityId

The ID of the hosted SAML v2.0 entity.

nameIDFormat

The requested SAML v2.0 NameID format.

session

An instance of ScriptedSession representing the user’s single sign-on session object interface for information about SSO token and authentication information, as well as session-related properties.

Only present when the session object passed by the SAML engine is an SSOToken.

Retrieve session property values with the following ScriptedSession supported method:

public String getProperty(String name)

nameIDScriptHelper

The NameIDScriptHelper binding provides the following supporting methods and constants for customizing the NameID value:

Constants

NAMEID_FORMAT_TRANSIENT
NAMEID_FORMAT_PERSISTENT
NAMEID_FORMAT_UNSPECIFIED
NAMEID_FORMAT_EMAIL

Methods

public String createNameIdentifier()
public String getNameIDValue() throws SAML2Exception
public boolean shouldPersistNameIDFormat()
public String getNameIDFromSession()

Always present.

identity

An instance of ScriptedIdentityScriptWrapper representing a scriptable implementation of an identity. The identity binding is derived from the session, so it’s only present if the session object is.

The identity object will also be missing if PingOne Advanced Identity Cloud throws an exception during its creation. If this happens, PingOne Advanced Identity Cloud records an entry in the logs.