# Pass User Attributes

The Datawiza Access Broker (DAB) gets user attributes from IdP and can pass the user attributes to the upstream application via header or cookie. You can configure these attributes on Datawiza Cloud Management Console (DCMC).

Here are the configuration options for passing user attributes:

  • Profile Using Profile Editor, you can extend and customize app-specific profiles. This attribute can be used by Mappings, Rules or Attribute Pass.

  • Mappings Map IdP attributes to the DAB application attributes. If you are using multiple IdPs, the similar attributes of different IdPs can be mapped to the same attributes of DAB application.

  • Attribute Pass Define what user attributes (e.g., firstName and lastName) will be sent to the proxied application via header or cookie.

Now, we will set Okta and Auth0 as IdP and show how to config to send first name (firstName of Okta and given_name of Auth0) to the proxied application. The simple architecture is like: Attribute Pass Architecture

On DCMC, click the name of your DAB application, then select Profile.

  1. By default, we will add five basic attributes, email, username, lastName, firstName and groups. You can add other custom attributes as well. Add New Attributes in DCMC
  2. If you assign IdPs in IdP Configuration (We assign Okta and Auth0 as the example), the default mappings for basic attributes will be added: Add New Attributes in DCMC Add New Attributes in DCMC It is used to map user attributes from IdP to the DAB application. In the example above, firstName of Okta and given_name of Auth0 will be mapped to firstName in the DAB application.
  3. After configuring in Profile and Mappings, the final step is to add attribute pass: Add New Attributes
  • Field - The attribute name of your DAB application mapped from IdP.
  • Expected - The name for the header or cookie value expected by the upstream application.
  • Type - It could be header or cookie.

We just need to add one config: Field: firstName, Expected: firstname. Add New Attributes Add New Attributes in DCMC

Then, firstName of Okta and given_name of Auth0 will be passed to upstream application in the name of firstname.