OpenAM SAML2 Transient Federation and Persistent Federation

This topic contains 2 replies, has 2 voices, and was last updated by  Scott Heger 1 week, 1 day ago.

  • #27055
     BassemMahmoud 
    Participant

    Is it applicable to configure an OpenAM service provider to support both SAML2 transient federation and persistent federation at the same time from different IDPs, and how can we configure this?

    (Note: right now we do not store the user identity in the SP.)

    Also, is it applicable to map different SAML assertion attributes in the SAML responses coming from different IDPs to the same attribute in the OpenAM service provider if we implement both SAML2 transient federation and persistent federation?

    Example:
    if IDP1 sends the user email as “UserEmail”
    and IDP2 sends the user email as “email”,

    how can we map this in our service provider?

    #27094
     BassemMahmoud 
    Participant

    @rajeshr @peter-major

    Any advice, please?

    #27097
     Scott Heger 
    Participant

    I would recommend creating two different Hosted SP entities and pair each with their specific IDP in their own circle of trust. This way you can define how each pair interacts with each other and clearly identify how to handle the responses from each IDP.
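
The layout recommended in the reply above, sketched as an added example that is not part of the original thread and not ForgeRock's own configuration: two hosted SP extended-metadata entries, each in its own circle of trust, each with its own `attributeMap` so that "UserEmail" from IDP1 and "email" from IDP2 both land in the same local attribute. The entity IDs, meta aliases, circle-of-trust names, the local attribute name `mail`, and the choice of which IDP uses transient federation are all assumptions made for illustration.

```xml
<!-- Added example. Hosted SP #1, paired only with IDP1 (assumed here to be the
     transient-federation partner). Entity ID, metaAlias and COT name are hypothetical.
     Only the attributes relevant to the question are shown. -->
<EntityConfig xmlns="urn:sun:fm:SAML2:entityconfig"
              entityID="https://sp.example.com/openam/sp-idp1" hosted="true">
    <SPSSOConfig metaAlias="/sp-idp1">
        <!-- Circle of trust that contains only this SP and IDP1 -->
        <Attribute name="cotlist">
            <Value>cot-idp1</Value>
        </Attribute>
        <!-- Local user that transient NameIDs are mapped to; no per-user profile is stored -->
        <Attribute name="transientUser">
            <Value>anonymous</Value>
        </Attribute>
        <!-- Assertion attribute name on the left, local attribute on the right -->
        <Attribute name="attributeMap">
            <Value>UserEmail=mail</Value>
        </Attribute>
    </SPSSOConfig>
</EntityConfig>

<!-- Hosted SP #2, paired only with IDP2 (assumed here to be the
     persistent-federation partner). Kept in a separate metadata file. -->
<EntityConfig xmlns="urn:sun:fm:SAML2:entityconfig"
              entityID="https://sp.example.com/openam/sp-idp2" hosted="true">
    <SPSSOConfig metaAlias="/sp-idp2">
        <!-- Separate circle of trust, so IDP1 is never trusted by this SP entity -->
        <Attribute name="cotlist">
            <Value>cot-idp2</Value>
        </Attribute>
        <!-- IDP2 names the same value "email"; it maps to the same local attribute -->
        <Attribute name="attributeMap">
            <Value>email=mail</Value>
        </Attribute>
    </SPSSOConfig>
</EntityConfig>
```

Because each hosted SP trusts exactly one IDP, an assertion from IDP1 is never evaluated against IDP2's attribute map or federation mode, and the reverse also holds.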

©2019 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.