Transfer of arbitr. context data with SAML
17.4.6.3. Airlock IAM configuration transferring arbitrary context data attributes with SAML

In SSO (single sign-on) using SAML the authenticated user's name, roles, context data and other data related to the authentication process (authentication instant, method, etc.) can be sent to the receiving system.

This tutorial describes how Airlock IAM can be configured to transfer arbitrary attributes from the user's context data container, the username, the roles or even static attributes from a SAML Identity Provider (IDP) to a SAML Service Provider (SP).