Thank you for your response. The answer is "yes" to both questions. I've tried mapping the role to Name, memberOf, and FriendlyName. It looks like the response uses "DN format," and the example in ...
See more...
Thank you for your response. The answer is "yes" to both questions. I've tried mapping the role to Name, memberOf, and FriendlyName. It looks like the response uses "DN format," and the example in the docs is similar to the response I'm receiving. One difference I did notice from the doc, however, is the value it's returning. In the doc, it appears to be returning LDAP memberships: CN=Employee, OU=SAML Test, DC=qa, etc... Our back-end uses Grouper for authorization, and the value looks more like org:sections:managed:employee:saml-test:qa:etc... I wonder if that's confusing Splunk...? I'm grasping at this point.