When configuring SAML for use with Aqua, the following error message may be observed:
In this case, the SAML IdP is not properly sending the correct attribute in the response. The attribute that is configured to send the user's email address must be set to the following identity claim:
Different SAML providers name the attribute fields differently, but the important thing to note is that the attribute name must be set to the above string and its value must be configured to pass the user's email address.
|Attribute Name||Attribute Value|