OpenmAM SAML2 Transient Federation and Persistent Federation

This topic has 2 replies, 2 voices, and was last updated 3 years ago by Scott Heger.

  • Author
  • #27055

    Is it applicable to configure openam service provider to support both SAML2 Transient federation and persistent federation at the same time from different IDP and how can we configure this ?

    (Note : now we didnot store user identity in SP)

    Also is it applicable to map differnt SAML Assersion Attribue in SAML response Coming from diffrent IDP to the same attribute in openam service provider if we implemented the both SAML2 Transient federation and persistent.

    example :
    if IDP1 send the userEmail as “UserEmail”
    and IDP2 send useremail as “email”

    how we can map this in our service provider.


    @rajeshr @peter-major

    any advice please

     Scott Heger

    This reply has been reported for inappropriate content.

    I would recommend creating two different Hosted SP entities and pair each with their specific IDP in their own circle of trust. This way you can define how each pair interacts with each other and clearly identify how to handle the responses from each IDP.

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?