Menu
▾
▴
Re: [Unity-idm-discuss] Using multiple SAML federations with IdP overlap
|
From: Krzysztof B. <kb...@un...> - 2019-12-08 22:04:41
|
W dniu 05.12.2019 o 07:15, Sander Apweiler pisze: >> If so this is perhaps not very complex task, but certainly longer. >> We >> would expose those in the context of input profile of SAML >> authenticator >> (as a new variable, e.g. idpAttrs). So you can either create a >> condition >> on it or just use it as-is for some attribute value. We will also >> need >> to implement IdP side support for it - to be able to automate >> testing. >> >> Does it sound correct to you? > This is almost correct, but in this case the DFN set this attribute in > the metadata not the IdP. Sure - I meant that the attribute is not the user's (SAML assertion subject's) attribute, but should be obtained from IdP settings. |
