Forum Discussion
HI
 
I also have similar setup currently I have 3 x F5 APM IDP's with Google apps, Office365 and Zscaler on 3 seperate vips/apm policies all three use the same back end AAA AD object and are currently SP initiated only.
 
the SAML assertions from all three services as as far as I'm aware/have setup all have differing requirements for the SAML Subject field, Google=email, Office365=UPN, Zscaler=sAMAccountname, and are not changable on the SP side.
 
I have read the above recommended guide and wanted to clarify/ask if is possible to have these 3 SAML assertion subject fields somehow re-produced/recreated by a single F5 IDP object.
 
i also have read the F5 IDP chaining to external IDP guide here: https://devcentral.f5.com/s/articles/apm-cookbook-saml-idp-chaining
 
Im thinking perhaps also chaining the three F5 IDP's together may produce the desired result as well by recreating the SAML assertion between the 3 IDP's
 
All these IDP vips/policies exist on the same device which is a HA pair of appliance BIG-IP's
 
Thanks
 
Jzimm