Resolving attributes from a SAML proxy
mgrady at unicon.net
Wed Oct 6 19:29:01 UTC 2021
> On Oct 6, 2021, at 2:03 PM, Wessel, Keith <kwessel at illinois.edu> wrote:
> I also see that I need to add the attribute to my attribute filter config to allow the ADFS IdP to assert it.
> DO I also need to add an attribute definition so that I can use the attribute elsewhere in the IdP, resolving it and doing things like... oh, I don't know... deciding if the upstread IdP performed MFA so I can release the right ACR value?
Keith, you need the attribute registry stuff to first make it available. See the Azure AD doc here:
See Proxy Task 3, but adjust as necessary for the name/format on the wire for your use case.
Michael A. Grady
IAM Architect, Unicon, Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users