BloodHound supports SAML 2.0 for Single Sign On to authenticate users to your tenant environment.

Data Type | Value |
---|---|
IDP Name Format | `urn:oasis:names:tc:SAML:2.0:attrname-format:uri` |
Required SAML Attributes | Either of the following will map to the user’s email address in BloodHound: `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` or `urn:oid:0.9.2342.19200300.100.1.3` |
Optional SAML Attributes | The following will map to the user’s first name in BloodHound: `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name` |
Optional SAML Attributes | The following will map to the user’s last name in BloodHound: `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname` |
Optional SAML Attributes | The following will map to the user role in BloodHound: `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role` |

Role key values are prefixed with `bh-` and are written in kebab-case.

Role | Key Value |
---|---|
Administrator | bh-administrator |
Power User | bh-power-user |
User | bh-user |
Read Only | bh-read-only |
Upload Only | bh-upload-only |
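
A pre-deployment lint for the attribute mapping above, as an added example (not BloodHound's own code): it checks an `AttributeStatement` captured from an IdP test login against the name format, attribute names and role keys in the tables. The function names and the sample statements are constructed for illustration; how BloodHound itself handles a mismatch is not described on this page.

```python
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
URI_FORMAT = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"
EMAIL_NAMES = {CLAIMS + "emailaddress", "urn:oid:0.9.2342.19200300.100.1.3"}
ROLE_NAME = CLAIMS + "role"
KNOWN_NAMES = EMAIL_NAMES | {CLAIMS + "name", CLAIMS + "surname", ROLE_NAME}
ROLE_KEYS = {"bh-administrator", "bh-power-user", "bh-user",
             "bh-read-only", "bh-upload-only"}


def check_attribute_statement(xml_text):
    """Return a list of problems (empty list = matches the tables above).

    Lints attribute names, NameFormat and role values only; it does not
    verify the assertion signature. Feed it XML from your own IdP test login.
    """
    problems, has_email = [], False
    for attr in ET.fromstring(xml_text).iter("{%s}Attribute" % SAML_NS):
        name = attr.get("Name", "")
        if name not in KNOWN_NAMES:
            continue  # not one of the attributes listed on the page
        values = [(v.text or "").strip()
                  for v in attr.findall("{%s}AttributeValue" % SAML_NS)]
        if attr.get("NameFormat") != URI_FORMAT:
            problems.append(f"{name}: NameFormat is not {URI_FORMAT}")
        if name in EMAIL_NAMES and any(values):
            has_email = True
        if name == ROLE_NAME:
            problems += [f"role value {v!r} is not a documented role key"
                         for v in values if v not in ROLE_KEYS]
    if not has_email:
        problems.append("missing email attribute (one of the two names is required)")
    return problems


def build_sample(attrs, name_format=URI_FORMAT):
    """Constructed AttributeStatement for the demo, from {name: value}."""
    body = "".join(
        f'<saml:Attribute Name="{n}" NameFormat="{name_format}">'
        f"<saml:AttributeValue>{v}</saml:AttributeValue></saml:Attribute>"
        for n, v in attrs.items())
    return (f'<saml:AttributeStatement xmlns:saml="{SAML_NS}">'
            f"{body}</saml:AttributeStatement>")


if __name__ == "__main__":
    ok = build_sample({CLAIMS + "emailaddress": "analyst@example.com",
                       ROLE_NAME: "bh-read-only"})
    print(check_attribute_statement(ok))
    print(check_attribute_statement(build_sample({ROLE_NAME: "Administrator"})))
```

A display name such as `Administrator` sent in place of the key value `bh-administrator` is the mismatch this is meant to catch before users attempt to sign in.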