Xoxoday supports advanced attribute mapping configurations, enabling organisations to map custom fields such as user roles, department codes, and unique identifiers to align with their SSO setup and internal identity systems.
Attribute Mapping in Xoxoday
When connecting Xoxoday to an identity provider or HR system, a basic user identifier alone is rarely enough. Organisations typically need to carry additional context — job level, department, cost centre, or custom role codes — into Xoxoday so that reward eligibility, programme visibility, and access controls reflect real organisational structure. Xoxoday supports attribute mapping that goes well beyond a primary identifier. Administrators can configure mappings for standard schema fields (including eduPerson attributes used in academic or enterprise directories) as well as fully custom fields defined by your organisation.What Can Be Mapped
Xoxoday allows you to map a wide range of attributes during identity provisioning: User roles and access levels — Map your identity provider’s role claims directly to Xoxoday permission groups, so a user arriving via SSO is automatically placed in the right access tier without manual intervention. Department and organisational unit codes — Sync department identifiers from systems like Workday, SAP SuccessFactors, or Darwinbox so that Xoxoday programme segmentation mirrors your HR hierarchy from day one. Custom or proprietary identifiers — If your organisation uses non-standard fields — such as employee grade codes, regional identifiers, or internal taxonomy values — these can be mapped to corresponding Xoxoday attributes during provisioning.A Practical Example
Consider an organisation running SAP SuccessFactors as its HRIS and Microsoft Azure AD as its identity provider. During SSO configuration, the IT team maps thedepartment claim from Azure AD to Xoxoday’s department field, and a custom jobGrade attribute from SuccessFactors to a Xoxoday custom field. When an employee logs in for the first time, Xoxoday automatically places them in the correct reward programme and assigns the right manager approval chain — with no manual import required.
The same approach works for organisations using Darwinbox or any SAML 2.0 or OIDC-compatible identity provider.
Security and Compliance
Flexible attribute mapping does not come at the cost of security. Xoxoday’s identity provisioning aligns with the access control principles underpinning ISO 27001 and SOC 2 Type II certification, ensuring that only authorised attributes are transmitted and that data in transit is protected. Custom field mappings are scoped and auditable, giving IT and compliance teams full visibility into what is synchronised.Configuration and Support
Attribute mapping is configured at the SSO integration level within Xoxoday’s admin console. Your implementation team works with you to define the mapping schema during onboarding, and mappings can be updated as your directory structure evolves — without requiring a full re-integration. Learn more: Xoxoday Help Centre — System requirementHow does SSO work in Xoxoday?
Understand how Xoxoday integrates with SAML 2.0 and OIDC identity providers for single sign-on authentication.
Does Xoxoday support SCIM user provisioning?
Learn how Xoxoday uses SCIM to automate user lifecycle management, including creation, updates, and deactivation.