Customizable error message when a required SAML attribute is missing
Summary
Currently, when a SAML application is configured to require an attribute from session, the following code is run if the attribute is actually missing:
unless ( defined $value ) {
if ($mandatory) {
$self->logger->error(
"Session key $_ is required to set SAML $name attribute"
);
return PE_SAML_SSO_ERROR;
}
And a generic PE_SAML_SSO_ERROR is shown to the user.
However, some organizations might want to change this error message, but only in this particular error case. For example.
"You are missing a required attribute, please connect to [Some client app] and complete your profile"
Design proposition
I will add a new portal error code, and a corresponding defaut translation that users may customize through the translation system