I know we can set an active expression as the response attribute for policy domain. I want to know if I can set an active expression as an attribute for affliate domain as well. I know this can be done through AGP code, but I am not sure if there is any new feature that is available that makes this simpler. We would like to set the AD group a user is part of in the attribute.
For an example, we need to identify the user membership and record in SAML. Generally, we use SmWalker library for normal web agent SSO applications but for Affiliate domains we use AGP.
Is there feature which supports this without AGP library?