Doing the integration of ClearPass with an external SAML provider have found that it always returns what it seems a session hash in the form _c2a4644f8539621ea3f, every session is a different hex number.
At this time using the access tracker I can see the correct username in the computed attribute Application:SSO:Username.
How can I map it back so it is used in Authentication:Username?
From the IdP side I can controll the attribute name that is used to send back the username.
Already tried to override the Authentication:Username attribute from the enforcement profile but it comes back under Application:Authentication:Username.
Thanks,