Hi,
We have default http headers set by siteminder while redirecting to target. You can make use of them to validate at Knox in order to provide the access to users.
For ex:
HTTP_SM_USER - Indicates the login name of the authenticated user. If a user does not provide a user name at log in, such as certificate-based authentication, then this variable is not set.
You can use this http header and validate at knox.
If you have any specific use case, please mention it.
Thanks,
Sharan