External User Not Found when trying to auto link SAML Users by Email
Hi,
I have set up Okta as an Identity Provider on Zitadel, and I am trying to get the auto linking part of it working.
I have created a user in Zitadel with the same email as my Okta account. Now when I click Sign In with Okta, on the login screen, I get External User Not Found.
I've played around with different settings on both the Zitadel and Okta sides and currently, I think I have all this set up correctly.
I've been digging in the source code and the database a little bit, and I think the issue might be in this file here: https://github.com/zitadel/zitadel/blob/e57a9b57c8e770383316599a338ceef023d96de6/internal/idp/providers/saml/mapper.go#L57
All other providers have this interface implemented; however, it seems like SAML doesn't really link any attributes besides the ID, so when the checkAutoLink function is called, all the properties here are returned empty (including email and username).
Is this intentional or is there something I might be doing wrong?
My IDP template configuration as a reference:
Thank you
