Symptom
We are getting the following error message, if we are trying to authenticate via SAML-integration to the Process Manager:
SAML exception - No mail address given, authentication unsuccessful
Resolution
This error message means, that our system is currently not getting an email address from your IDP. As this attribute is mandatory, the authentication is failing. Please check the following two solutions:
- Attribute mapping "mail"
Check your attribute mapping. The outgoing attribute has to be "mail" and the necessary mapping needs to be the LDAP-attribute "E-Mail Address" - Check the attribute in your Active Directory
Check the user object in your Active Directory. Sometimes the mail address is not directly filled in the user object.
Keywords
KBA , BPI-SIG-CA-SEC-SAM , SAML 2.0 for SAP Signavio , How To
Product
SAP Signavio Process Manager all versions ; Signavio Process Manager all versions