SP Adaptor Script Question

Hello folks, I've got a question about a SAML flow where ForgeRock Identity Cloud is acting as the SP in standalone mode.

We have an idp-init flow with user profile assertions sent to ForgeRock. I noticed the SP adaptor script can process the incoming SAML assertion, but with limitations. The ask here is to make API calls within SP adaptor script to external services, as well as retrieving users similar to openidm.query(). Looks like it’s not possible with SP adaptor script.

Alternatively, I’m thinking about SAML integrated mode, where you can leverage journey script, but it supports only sp-init flow and doesn’t support idp-init flow.

Any suggestions on how to work around this? Thanks.

Best,
Le