Symantec Access Management

Hi,
We have 12 groups and user will be part of anyone among these groups.
I need to send the display name of that group where user is present as SAML response.
SAML response should contain only one display name of that user belongs to but not extra empty lines as below.

<ns2:Attribute Name="Roles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
     <ns2:AttributeValue>DisplayName1</ns2:AttributeValue>
     <ns2:AttributeValue>DisplayName1</ns2:AttributeValue>
</ns2:Attribute>

Response should be like this for the user:

<ns2:Attribute Name="Roles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
   <ns2:AttributeValue>DisplayName1</ns2:AttributeValue>
</ns2:Attribute>

I am able to get display name from 2 groups using expression but not from 12 groups.
Any suggestions?

Can someone suggest on this please?
Original Message:
Sent: 08-26-2019 09:19 AM
From: Karthick Sugumaran
Subject: Expression to send group name in SAML

Hi,
We have 12 groups and user will be part of anyone among these groups.
I need to send the display name of that group where user is present as SAML response.
SAML response should contain only one display name of that user belongs to but not extra empty lines as below.

<ns2:Attribute Name="Roles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
     <ns2:AttributeValue>DisplayName1</ns2:AttributeValue>
     <ns2:AttributeValue>DisplayName1</ns2:AttributeValue>
</ns2:Attribute>

Response should be like this for the user:

<ns2:Attribute Name="Roles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
   <ns2:AttributeValue>DisplayName1</ns2:AttributeValue>
</ns2:Attribute>

I am able to get display name from 2 groups using expression but not from 12 groups.
Any suggestions?

Found the Expression (GET('isMemberOf') CONTAINS ('Admin') ? 'DisplayName1' : '') + (GET('isMemberOf') CONTAINS ('Reviewer') ? 'DisplayName2' : '') + (GET('isMemberOf') CONTAINS ('Viewer') ? 'DisplayName3' : ''). It worked.
Original Message:
Sent: 09-03-2019 11:09 AM
From: Karthick Sugumaran
Subject: Expression to send group name in SAML

Can someone suggest on this please?
Original Message:
Sent: 08-26-2019 09:19 AM
From: Karthick Sugumaran
Subject: Expression to send group name in SAML

Hi,
We have 12 groups and user will be part of anyone among these groups.
I need to send the display name of that group where user is present as SAML response.
SAML response should contain only one display name of that user belongs to but not extra empty lines as below.

<ns2:Attribute Name="Roles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
     <ns2:AttributeValue>DisplayName1</ns2:AttributeValue>
     <ns2:AttributeValue>DisplayName1</ns2:AttributeValue>
</ns2:Attribute>

Response should be like this for the user:

<ns2:Attribute Name="Roles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
   <ns2:AttributeValue>DisplayName1</ns2:AttributeValue>
</ns2:Attribute>

I am able to get display name from 2 groups using expression but not from 12 groups.
Any suggestions?