When the Shibboleth login is enabled, OpenOLAT synchronizes Shibboleth attributes to user properties. The synchronisazion happens every time when a user logs in via Shibboleth.


The mapping of Shibboleth attributes to OpenOLAT user properties is configurable in For the mapping of each attribute four values are configurable.

Parameter Description Mandatory Values
shibboleth.user.mapping.key1.shib Shibboleth attribute name yes
shibboleth.user.mapping.key1.olat OpenOLAT user property name yes
shibboleth.user.mapping.key1.handler Attribute handler no DoNothing (default), FirstValue, SchacGender, ...
shibboleth.user.mapping.key1.delete Delete or keep user properties if Shibboleth delivers nothing no true (default) / false

The user properties email, first name and last name are mandatory in OpenOLAT. So the configuration for these three properties are simplified. It is sufficient to set the names of the Shibbolet attributes. You dont have to explicty specify the user properties. The mandatory user properties are never deleted, so there are no appropriate configurations.

User properties

The possible values for the parameter shibboleth.user.mapping.keyXY.olat are available in OpenOLAT: Administration > Customizing > User Properties. You have to use the "Name" of the user property in the configuration file.

Attribute handlers

The attribute handler transforms the delivered Shibbleth attribute value before it is assigned to a user property. E. g. the SchacGender handler maps the values 1 and 2 to the values male and female.


This handler does not transform the incomming value in any form.


Shibboleth knows the so called multi values. This handler takes the first value of them.


Value Mapping

OpenOLAT can be expanded with custom attribute handlers. A custom attribute handler has to implement the Interface "org.olat.shibboleth.handler.ShibbolethAttributeHandler". Further it must be a Spring @Component. In the configuration file you have to set the Spring component name to the handler value. Example:

class DoNothingHandler implements ShibbolethAttributeHandler {
	public String parse(String shibbolethAttributeValue) {
		return shibbolethAttributeValue;

Migration from OpenOLAT pre 12.0

Before OpenOLAT 12.0 the configuration of the attribute mapping was hard coded for the University of Zurich. You have to use the following configuration to gain the same mapping.