we have a requirement to override the Pega operator ID on fly while invoking the single sign URL.
For example, if for a User we have the windows log on as "xyz" and his corresponding Pega operator ID is "abc" then when the user logs in onto Pega via SSO we want the "abc" operator instance to open up for the requestor.
We have done a similar thing for our windows authentication where when the user enters his user ID ("xyz") and password. in the authentication activity after the LDAP look up we call a decision table rule to map the corresponding Pega operator ID "abc" and open that instance.
Since SAMLAuth rule has a pre and post activity we have tried to do the same in both pre and post activity by calling this decision table but it did not help.
Where in the SAML auth rule should this check be done and how can this be achieved?
***Edited by Moderator Marissa to update Platform Capability tags****