We currently have 2 SAML providers (In-house IdP and Azure AD). We'd like to take advantage of the SCIM 2.0 functionality, which is supported only through our Azure AD environment. SCIM is not supported in our in-house IdP at the moment.
All of our users are currently linked to our in-house IdP through the Accounts screen in LFDS.
Both SAML providers share the same information in terms of username (e.g. Username in Azure AD will be 123456, and In-House IdP would be 123456 as well). I thought I was going to be a genius by being able to link both Identity Providers within LFDS, but it turns out I was wrong. You cannot link a SAML provider to another SAML provider.
Are there any tips or workarounds that would enable us to make this work? Ideally, if they are signing in through Azure AD or through our In-house IdP, it's the same username and should be mapped to the same person within LFDS, regardless of which Identity Provider authenticated the user.
Another fun feature request for SCIM 2.0 would be to enable "role-based" license assignments. Right now, there's only 1 option of assigning 1 type of license per provider. Allowing the SAML provider to assign that license based on roles within the organization would allow much more flexibility.