Attribute with claims missing from SAML response


Me and a customer is trying to configure up an identity provider. I have done this with a few previous customers already, using their Azure Active Directory. This customer is using ADFS, and we are having some problems mapping up the claims/attributes as they are completely missing in the SAML response. I have a test user, and I use a chrome extension to see the SAML response, but there is not really anything that I can see indicating anything is wrong. When I try to log in, I get an error in the System Logs, so at least there is some kind of connection. The error we get is “Unable to validate incoming SAML Assertion”.

Is there any tips on what we can do to debug this further? Customer says he have setup the attributes/claims in ADFS, but they are just not in the response. Can I verify that the response is even successful, and does not contain any error messages?

We had to modify the variable names for the mapping of first and lastname in the profile editor (Click configure>Edit Profile) for the ADFS identity provider