29 lines
1.3 KiB
Markdown
29 lines
1.3 KiB
Markdown
---
|
|
title: Overview
|
|
---
|
|
|
|
Property Mappings allow you to pass information to external applications. For example, pass the current user's groups as a SAML parameter. Property Mappings are also used to map Source fields to authentik fields, for example when using LDAP.
|
|
|
|
## SAML Property Mapping
|
|
|
|
SAML Property Mappings allow you embed information into the SAML AuthN request. This information can then be used by the application to, for example, assign permissions to the object.
|
|
|
|
## LDAP Property Mapping
|
|
|
|
LDAP Property Mappings are used when you define a LDAP Source. These mappings define which LDAP property maps to which authentik property. By default, the following mappings are created:
|
|
|
|
- authentik default Active Directory Mapping: givenName
|
|
- authentik default Active Directory Mapping: sAMAccountName
|
|
- authentik default Active Directory Mapping: sn
|
|
- authentik default Active Directory Mapping: userPrincipalName
|
|
- authentik default LDAP Mapping: mail
|
|
- authentik default LDAP Mapping: Name
|
|
- authentik default OpenLDAP Mapping: cn
|
|
- authentik default OpenLDAP Mapping: uid
|
|
|
|
These are configured with most common LDAP setups.
|
|
|
|
## Scope Mapping
|
|
|
|
Scope Mappings are used by the OAuth2 Provider to map information from authentik to OAuth2/OpenID Claims. Values returned by a Scope Mapping are added as custom claims to Access and ID tokens.
|