Recently the 'SAML Authentication Plugin' project on github (https://github.com/Telligent/SAML) has been updated.
Versions 3.0.1701.18 onward now properly honor the NameID attribute of the SAML token and use that value for the ‘ClientUserId’ value of the te_OAuth_Links table (which is the table that maps remote OAuth Ids to the Telligent user)... prior to this change the code was improperly using the ID attribute of the SAML token which could change with each issuance.
If you can't provide your existing ‘ClientUserId’ value (typically username or email address claims) in the SAML token NameID property, to continue to provide your users a seamless sing in experience you will need to override this behavior by implementing a ISamlUserLookup plugin or custom code in a ISamlOAuthLinkManager plugin. Either of these points would allow you to both update the internal samlTokenData object passed to the Telligent login form and or manage the existence of correct data in the te_OAuth_Links table.
For questions please contact Telligent Professional Services for more information.
Powered by Telligent Community