This article describes how to create a custom User ID for SAML & WS-Federation assertion workflows. These user IDs can be comprised of multiple attributes from the data store and include pre-defined verbiage as well.


These instructions apply to SecureAuth IdP realms configured for the following integration types:

  • SAML
  • WS-Federation
SecureAuth IdP Configuration Steps

1. Navigate to the Custom Front End section and configure the following options

Token Data Type (Send)CustomSpecifies a Token which will be sent to post-auth.
Custom Token Fields<Profile Field>Define a profile field or fields you would like to add.

2. In the Custom Token Fields field choose the field(s) you would like to use and press the button. If successful you will see the field appear in the text box immediately below surrounded by { } brackets. If there is any static text you would like to appear as well you can type it into that textbox. See below for an example of this use case.

Post Authentication

Navigate to the User ID Mapping section and configure the following options


User ID MappingCustom Token ValueThis option controls the User ID sent in the assertion.