Is it applicable to configure openam service provider to support both SAML2 Transient federation and persistent federation at the same time from different IDP and how can we configure this ?
(Note : now we didnot store user identity in SP)
Also is it applicable to map differnt SAML Assersion Attribue in SAML response Coming from diffrent IDP to the same attribute in openam service provider if we implemented the both SAML2 Transient federation and persistent.
if IDP1 send the userEmail as “UserEmail”
and IDP2 send useremail as “email”
This reply has been reported for inappropriate content.
I would recommend creating two different Hosted SP entities and pair each with their specific IDP in their own circle of trust. This way you can define how each pair interacts with each other and clearly identify how to handle the responses from each IDP.