000038300 - November 2019 Release change in default multivalue SAML Attribute format can break RSA SecurID Access Cloud Authentication Service Application Integration

Document created by RSA Customer Support Employee on Jan 3, 2020
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000038300
Applies ToRSA Product Set:  SecurID Access
RSA Product/Service Type:  Cloud Authentication Service
IssueA working SAML integration that utilizes multi-value Attribute Extensions no longer works after the November 2019 Cloud Authentication Service release.
CauseA new feature was added to enable sending multi-valued attribute values in a separate attributeValue element.
As part of this change, the default single attributeValue format was modified from:

"value1,value2,..."
to
"value1","value2",...

It is possible that the Service Provider (SP) application rejects this changed attribute format.
ResolutionN/A
WorkaroundIn the Cloud Administration Console modify the application's Connection Profile to use the For multivalued attributes, send each value in a separate attributeValue element checkbox and publish the change.
 

Attachments

    Outcomes