version: 1
metadata:
labels:
blueprints.goauthentik.io/system: "true"
name: System - SCIM Provider - Mappings
entries:
- identifiers:
managed: goauthentik.io/providers/scim/user
model: authentik_providers_scim.scimmapping
attrs:
name: "authentik default SCIM Mapping: User"
expression: |
# Some implementations require givenName and familyName to be set
givenName, familyName = request.user.name, " "
formatted = request.user.name + " "
# This default sets givenName to the name before the first space
# and the remainder as family name
# if the user's name has no space the givenName is the entire name
# (this might cause issues with some SCIM implementations)
if " " in request.user.name:
givenName, _, familyName = request.user.name.partition(" ")
formatted = request.user.name
# photos supports URLs to images, however authentik might return data URIs
avatar = request.user.avatar
photos = None
if "://" in avatar:
photos = [{"value": avatar, "type": "photo"}]
locale = request.user.locale()
if locale == "":
locale = None
emails = []
if request.user.email != "":
emails = [{
"value": request.user.email,
"type": "other",
"primary": True,
}]
return {
"userName": request.user.username,
"name": {
"formatted": formatted,
"givenName": givenName,
"familyName": familyName,
},
"displayName": request.user.name,
"photos": photos,
"locale": locale,
"active": request.user.is_active,
"emails": emails,
}
managed: goauthentik.io/providers/scim/group
name: "authentik default SCIM Mapping: Group"
"displayName": group.name,