PingOne Advanced Identity Cloud

NameID mapper scripting API

The NameID mapper script is a next-generation script and therefore has access to all the next-generation common bindings in addition to those described here.
Binding Description

hostedEntityId

The entity ID for the hosted IdP.

remoteEntityId

The ID of the hosted SAML v2.0 entity.

nameIDFormat

The requested SAML v2.0 NameID format.

session

An instance of ScriptedSession representing the user’s single sign-on session object interface for information about SSO token and authentication information, as well as session-related properties.

Only present when the session object passed by the SAML engine is an SSOToken.

Retrieve session property values with the following ScriptedSession supported method:

public String getProperty(String name)

nameIDScriptHelper

The NameIDScriptHelper binding provides the following supporting methods and constants for customizing the NameID value:

Constants
  • NAMEID_FORMAT_TRANSIENT

  • NAMEID_FORMAT_PERSISTENT

  • NAMEID_FORMAT_UNSPECIFIED

  • NAMEID_FORMAT_EMAIL

Methods
  • public String createNameIdentifier()

  • public String getNameIDValue() throws SAML2Exception

  • public boolean shouldPersistNameIDFormat()

  • public String getNameIDFromSession()

Always present.

identity

An instance of ScriptedIdentityScriptWrapper representing a scriptable implementation of an identity. The identity binding is derived from the session, so it’s only present if the session object is.

The identity object will also be missing if PingOne Advanced Identity Cloud throws an exception during its creation. If this happens, PingOne Advanced Identity Cloud records an entry in the logs.