16-Nov-2022 02:00 - edited 16-Nov-2022 02:37
Hi Team, I am trying to find a way to figure out where the SAML request comes from. Is it possible? The memberOf attribute needs to be changed, depending on the origin of the request.
21-Nov-2022 10:36 - edited 21-Nov-2022 10:36
Expanding this answer, you can follow different policy branches for different SPs of SAML authentication requests, but you can't use "issuer" like that directly. This is covered by F5 enhancement request ID 960161 (currently not on roadmap).
A workaround to this issue is listed here:
https://support.f5.com/csp/article/K55982241
What you'd do here is choose different queries or alter your memberOf depending on the branch taken.
22-Nov-2022 03:13
Hi,
To break down what I think you've said, for clarity.
So memberOf is an AD attribute; this isn't connected to SAML at all.
But what you can do is, on APM auth, you do your AD Auth, then AD Query.
From there you can either take the whole memberOf parameter and put it into the SAML response to your SP.
Or write something in your APM policy that looks at the memberOf output and builds a variable with whatever you need in it, then put that into your SAML token to your SP.
I've done both, dependent on what the application needs and how flexible it can be.
The power for this is all inside your APM policy.
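One way to build such a variable from the AD Query result, as an added example and not code posted by anyone in this thread: a Tcl custom expression for an APM Variable Assign action that keeps only the groups relevant to the SP branch the policy took. The branch variable `session.custom.sp_branch`, the `|` delimiter between memberOf values, the group names and the output variable name are assumptions for this example.

```tcl
# Added example: APM Variable Assign custom expression (Tcl).
# Assumed inputs (not from the thread):
#   session.ad.last.attr.memberOf  - AD Query result, multiple group DNs joined by "|"
#   session.custom.sp_branch       - set earlier in the policy, e.g. "Finance" or "HR",
#                                    according to which SP branch was taken
# The returned string is assigned to the target variable of the Variable Assign
# action (assumed here to be session.custom.sp_groups), which the SAML
# attribute mapping then sends instead of the raw memberOf list.
set raw    [mcget {session.ad.last.attr.memberOf}]
set branch [mcget {session.custom.sp_branch}]
set wanted {}

foreach dn [split $raw "|"] {
    # Extract the CN of each group DN, e.g. "CN=Finance-Users,OU=Groups,DC=example,DC=com"
    if { [regexp -nocase {^CN=([^,]+)} [string trim $dn] -> cn] } {
        # Only release groups prefixed with the SP's branch name; every other
        # group the user belongs to is withheld from this SP's assertion
        if { [string match -nocase "${branch}-*" $cn] } {
            lappend wanted $cn
        }
    }
}

# Empty result when the user has no matching groups, so the SP sees no
# group claim rather than the full directory membership
return [join $wanted ";"]
```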