Hello Hubert, thank you so much for your response.
I was very excited to try this solution, but it did not work for me. This expression you gave me: [GET('memberOf') ~CONTAINS ('jira*) ? "jira-user" : "null-user"] kept on returning "null-user" for the attribute value. I tried breaking it down and having it - - > GET('memberOf') ~CONTAINS ('*jira*') and it return value of "False" for the attribute. Looks like for some reason this expression could not find my AD group "CN=jira-dev-teams,OU=Permissions,DC=regence,DC=com" of which I am a member of that group.
To test to make sure that is finding this AD group from the "memberOf" attribute, I created another Expression attribute called "EX_jira2) with the following Expression - - > FILTER(GET('memberOf'), '*jira*') and it retured this value for the attribute:
"<ns2:Attribute Name="AggCsv-roles-e"NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"><ns2:AttributeValue>CN=jira-team123-team,OU=Permissions,DC=regence,DC=com^CN=jira-dev-teams,OU=Permissions,DC=regence,DC=com</ns2:AttributeValue>"
Could you look more into the expression that you gave me and help me figure out why it is not finding the "jira" AD group from the "memberOf" attribute?
Much thanks!