User attribute mapping for federated repositories

Use this page to set or to modify the mapping for user or group attributes of a user registry to the federated repository properties in the current realm.

To view this administrative console page, click Security > Global security. Under Available realm definitions, click Federated repositories, and then Configure.

Note: In a multiple security domain environment, click Security domains > domain_name. Under Security Attributes, expand User Realm, and click Customize for this domain. Select the Realm type as Federated repositories and then click Configure.

On the next page and under Additional Properties, click User repository attribute mapping.

Attribute mappings

Select an attribute to set or to modify the mapping for the user or group attribute of a user registry to a federated repository property, and then click Edit.

Attribute: Specifies the name of the user registry attribute.
Property for Input: Specifies the name of the federated repository property that maps to the specified user registry attribute when it is an input parameter for the user registry interface.
For example, to set the type of attribute that is used for the userSecurityName parameter in the UserRegistry call, String getUniqueUserId(String userSecurityName), configure the input mapping (Property for Input) on the userSecurityName attribute. The default mapping value for userSecurityName is principalName.
Property for Output: Specifies the name of the federated repository property that maps to the specified user registry attribute when it is an output parameter (return value) for the user registry interface. In most cases, the propertyForInput and propertyForInput would be the same.
For example, to set the type of attribute that is used for the return type (the unique user ID) in the UserRegistry call, String getUniqueUserId(String userSecurityName), configure the output mapping on the uniqueUserId attribute. The default mapping value is uniqueName.

Available attribute mappings

Note: The mappings do not correlate to the get method for each attribute type. For example, setting the input and output property for uniqueUserId, does not set the input parameter and return type for the getUniqueUserId(String userSecurityName) method.

User or group attributes of the user registry are mapped to federated repository properties in the current realm.

The following default list of attribute mappings are available in the administrative console:

Attribute	Property for Input	Property for Output
`groupDisplayName`	`cn`	`cn`
`groupSecurityName`	`cn`	`cn`
`uniqueGroupId`	`uniqueName`	`uniqueName`
`uniqueUserId`	`uniqueName`	`uniqueName`
`userDisplayName`	`principalName`	`principalName`
`userSecurityName`	`principalName`	`principalName`