servicenow SAML 2 integration
Paul B. Henson
henson at csupomona.edu
Wed Apr 30 19:07:45 EDT 2014
> From: Michael A Grady
> Sent: Wednesday, April 23, 2014 6:31 PM
>
> Yes, you'd have something like the following example that you'd add to your
> attribute resolver:
[...]
> You don't need to mess with the global "release transientID to anyone"
> config, just add the Deny for it for those SPs where you need to send an
> alternate NameID.
Cool; thanks much for the examples. Leaving the global transientid filter alone and explicitly denying it in the separate servicenow policy is a lot cleaner than the previous example I saw of munging the global one to specifically exclude servicenow.
More information about the users
mailing list