I'm trying to return user's AD groups to Fortigate firewall using Fortigate-Group-Name attribute. If I select %{Authorization:Contoso_AD:Groups} as the value, and user has three groups the return values is for example
"Fortigate-Group-Name: Exchange_Users, SSLVPN_Marketing, SomeOtherGroup"
Is it possible to either filter these so that CPPM would return only groups starting with SSLVPN or is it possible to have CPPM to return three attributes, one group per returned attribute? Either would work with Fortigate
Thanks!