Hello!
I have a vendor with a requirement to send some custom attributes. They have the attributes listed and requested in their metadata. Here is one example:
<md:RequestedAttribute isRequired="true" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="SecurityLevel" FriendlyName="Security level requested for individual user accessing this service"/>
I need to use an AD security group to restrict this access. Ideally it would look something like this:
If "user1" is a member of AD group "SecurityLevel1" then send this claim SecurityLevel=1
Thank you for any help you can provide!