How can Splunk use the userid returned by idP to do validation of roles based on group mapped to LDAP (Microsoft Active Directory) and successfully integrate the SSO? We're using IBM SAM as the SSO.
As of now, the IBM SAM cannot provide the following attributes in an assertion and only userid is being returned:
role, realName, and mail