lelle1 Absent Member.
Absent Member.
1675 views

AAF as Saml IDP

Hi,

I trying out the Saml2 idp support in AAf and have managed to integrate it with a Access Manager SP, that works fine.
But one thing I would like to do is to add extra attribute that I want to send over to the service provider, is that possible?
I haven't found a way in documentation or in Gui
Any suggestions?

/Lelle
0 Likes
7 Replies
Micro Focus Expert
Micro Focus Expert

Re: AAF as Saml IDP

lelle;2464650 wrote:
Hi,

I trying out the Saml2 idp support in AAf and have managed to integrate it with a Access Manager SP, that works fine.
But one thing I would like to do is to add extra attribute that I want to send over to the service provider, is that possible?
I haven't found a way in documentation or in Gui
Any suggestions?

/Lelle


Hi Lelle,

Unfortunately this is not supported at the moment.
Could you please provide some more information about the attribute and what exactly do you want to reach?
0 Likes
lelle1 Absent Member.
Absent Member.

Re: AAF as Saml IDP

Hi,
In this case I'm interested in e-dir attribute groupmembership and/or AD memberOf

/Lelle
0 Likes
Micro Focus Expert
Micro Focus Expert

Re: AAF as Saml IDP

Okay, I'll create an internal ticket for that.
Do you have a customer behind that or this is required for some integration?
0 Likes
lelle1 Absent Member.
Absent Member.

Re: AAF as Saml IDP

Hi,

It is for a customer that is moving away from Nordic Edge, we have moved most of there integration but this one has been challenging.
For almost all we are using Access Manager as IDP, but in this case the customer wants otp login only. And this is the only way that I have managed to solve that

/Lennart
0 Likes
Micro Focus Expert
Micro Focus Expert

Re: AAF as Saml IDP

Okay. Thank you for the clarification
0 Likes
lelle1 Absent Member.
Absent Member.

Re: AAF as Saml IDP

Hi,

we solved this way, Access Manager is IDP for the SP, and AAF is IDP for Access Manager. The contract for AAF is a step up contract in Access Manager, so users are logged in there.
After that we pick the membership attribute from IDM user store that is a backend for both AAF and AM and add to the attribute set
0 Likes
Micro Focus Expert
Micro Focus Expert

Re: AAF as Saml IDP

lelle;2465739 wrote:
Hi,

we solved this way, Access Manager is IDP for the SP, and AAF is IDP for Access Manager. The contract for AAF is a step up contract in Access Manager, so users are logged in there.
After that we pick the membership attribute from IDM user store that is a backend for both AAF and AM and add to the attribute set


Great news! Thank you for the update.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.