Normalized user profile
When a user logs in with SSO, each identity provider shares the user profile information in their own format. This adds complexity for the application developers to parse the user profile info and code related identity workflows. To make this seamless for developers, Scalekit normalizes the user profile info into a standard set of fields across all identity providers.
This means that you’d always receive the user profile payload in a fixed set of fields, irrespective of the identity provider and protocol you interact with. This is one of our foundational aspects of the unified SSO solution.
{ "email": "john.doe@acmecorp.com", "email_verified": true, "family_name": "Doe", "given_name": "John", "locale": "en", "name": "John Doe", "picture": "https://lh3.googleusercontent.com/a/ACg8ocKNE4TZ...iEma17URCEf=s96-c", "sub": "conn_17576372041941092;google-oauth2|104630259163176101050", "identities": [ { "connection_id": "conn_17576372041941092", "organization_id": "org_17002852291444836", "connection_type": "OIDC", "provider_name": "AUTH0", "social": false, "provider_raw_attributes": { "aud": "ztTgHijLLguDXJQab0oiPyIcDLXXrJX6", "email": "john.doe@acmecorp.com", "email_verified": true, "exp": 1714580633, "family_name": "Doe", "given_name": "John", "iat": 1714544633, "iss": "https://dev-rmmfmus2g7vverbf.us.auth0.com/", "locale": "en", "name": "John Doe", "nickname": "john.doe", "nonce": "Lof9SpxEzs9dhUlJzgrrbQ==", "picture": "https://lh3.googleusercontent.com/a/ACg8ocKNE4T...17URCEf=s96-c", "sid": "5yqRJIfjPh8c7lr1s2N-IbY6WR8VyaIZ", "sub": "google-oauth2|104630259163176101050", "updated_at": "2024-04-30T10:02:30.988Z" } } ]}
Full list of user profile attributes
Section titled “Full list of user profile attributes”Profile attribute | Data type | Description |
---|---|---|
sub | string | An identifier for the user, as submitted by the identity provider that completed the single sign-on. |
email | string | The user’s email address. |
email_verified | boolean | True if the user’s e-mail address has been verified as claimed by the identity provider; otherwise false. |
name | string | Fully formatted user’s name |
family_name | string | The user’s surname or last name. |
given_name | string | The user’s given name or first name. |
locale | string | The user’s locale, represented by a BCP 47 language tag. Example: ‘en’ |
picture | string | The user’s profile picture in URL format |
identities | Array of Identity objects | Array of all identity information received from the identity providers in the raw format |
Identity object attributes
Section titled “Identity object attributes”Identity attribute | Data type | Description |
---|---|---|
organization_id | string | Unique ID of the organization to which this user belongs to |
connection_id | string | Unique ID of the connection for which this identity data is fetched from |
connection_type | string | type of the connection: SAML or OIDC |
provider_name | string | name of the connection provider. Example: Okta, Google, Auth0 |
social | boolean | Is the connection a social provider (like Google, Microsoft, GitHub etc) or an enterprise connection. |
provider_raw_attributes | object | key-value map of all the raw attributes received from the connection provider as-is |