Hi,
can you give me an example how i must configure the identityserver as an Service Provider to get the role attributes in the claims.
I create demo project and can connect me with our IdentityNow System over the Identity Server 4.
I get the following SAML Response with the role Attributes:
saml:AttributeStatement
<saml:Attribute Name=“Firstname”>
<saml:AttributeValue xmlns:xs=“<a href=“http://www.w3.org/2001/XMLSchema””>http://www.w3.org/2001/XMLSchema" xmlns:xsi=“<a href=“http://www.w3.org/2001/XMLSchema-instance””>http://www.w3.org/2001/XMLSchema-instance" xsi:type=“xs:string”>Max</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name=“Roles”>
<saml:AttributeValue xmlns:xs=“<a href=“http://www.w3.org/2001/XMLSchema””>http://www.w3.org/2001/XMLSchema" xmlns:xsi=“<a href=“http://www.w3.org/2001/XMLSchema-instance””>http://www.w3.org/2001/XMLSchema-instance" xsi:type=“xs:string”>role_1</saml:AttributeValue>
<saml:AttributeValue xmlns:xs=“<a href=“http://www.w3.org/2001/XMLSchema””>http://www.w3.org/2001/XMLSchema" xmlns:xsi=“<a href=“http://www.w3.org/2001/XMLSchema-instance””>http://www.w3.org/2001/XMLSchema-instance" xsi:type=“xs:string”>role_2</saml:AttributeValue>
<saml:AttributeValue xmlns:xs=“<a href=“http://www.w3.org/2001/XMLSchema””>http://www.w3.org/2001/XMLSchema" xmlns:xsi=“<a href=“http://www.w3.org/2001/XMLSchema-instance””>http://www.w3.org/2001/XMLSchema-instance" xsi:type=“xs:string”>role_3</saml:AttributeValue>
<saml:AttributeValue xmlns:xs=“<a href=“http://www.w3.org/2001/XMLSchema””>http://www.w3.org/2001/XMLSchema" xmlns:xsi=“<a href=“http://www.w3.org/2001/XMLSchema-instance””>http://www.w3.org/2001/XMLSchema-instance" xsi:type=“xs:string”>role_4</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name=“Email”>
<saml:AttributeValue xmlns:xs=“<a href=“http://www.w3.org/2001/XMLSchema””>http://www.w3.org/2001/XMLSchema" xmlns:xsi=“<a href=“http://www.w3.org/2001/XMLSchema-instance””>http://www.w3.org/2001/XMLSchema-instance" xsi:type=“xs:string”>Max.Mustermann@muster.com</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name=“lastname”>
<saml:AttributeValue xmlns:xs=“<a href=“http://www.w3.org/2001/XMLSchema””>http://www.w3.org/2001/XMLSchema" xmlns:xsi=“<a href=“http://www.w3.org/2001/XMLSchema-instance””>http://www.w3.org/2001/XMLSchema-instance" xsi:type=“xs:string”>Mustermann</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
Thanks
Are you seeing any role attributes in the claims?
What version of the SAML component are you using?
There was an issue with the SAML authentication handler not setting claims for multi-value attributes correctly with only the first attribute value set.
This was fixed in v2.7.0.
Hi,
thanks for the quick response.
I took a look and saw that i use an old version (2.0.6).
For quick testing i add the trail component but there i got the Error : The trial period has expired. Please contact us at support@componentspace.com for further information. 
So i have to search for someone in our company who can update our license nugt Souce of the componentSpace Nuget with the last version.
Regards
Thanks,
with the lib Version 2.7.0 the role attributelist return correctly.
Thanks for the confirmation.