
Using String Functions in ADFS Claims Rule Language


The business case is Active Directory Federation Server as Identity Provider passing a claim to Salesforce as Service Provider.

In ADFS, we map sAMAccountName to Name ID.

In Salesforce, we populate Federated ID on the user record with the value of sAMAccountName.

Works great, assuming case matches. Our AD sAMAccountName values are not consistently cased (new ones are, but over the years this has not been true). Rather than intervene at the AD level to make case consistent for records that predate our AD provisioning policy and process, I would prefer to transform the ADFS claim to force case (and populate Salesforce Federated ID with the same case).

I wondered if RegExReplace could work in an ADFS claim, but have not found any examples. Has anyone solved this or a similar problem? Thank you for your help.


Solution

  • I did the case transform via a custom attribute store.

    It allows you total flexibility to do anything you want.

    Refer: String Processing Attribute Store Example.
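
A minimal custom attribute store of the kind this answer describes, as an added example (not code from the original post or from Microsoft's sample). It implements AD FS's `IAttributeStore` interface; the class name, the store name `CaseStore`, the `toLower`/`toUpper` query keywords and the input claim type placeholder are assumptions.

```csharp
// Claim rule, with the store registered in AD FS as "CaseStore" (assumed name):
//   c:[Type == "<claim type carrying sAMAccountName>"]
//    => issue(store = "CaseStore",
//             types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"),
//             query = "toLower", param = c.Value);
using System;
using System.Collections.Generic;
using System.Threading;
using Microsoft.IdentityServer.ClaimsPolicy.Engine.AttributeStore;

public class CaseNormalizingStore : IAttributeStore
{
    public void Initialize(Dictionary<string, string> config) { } // no settings needed

    public IAsyncResult BeginExecuteQuery(string query, string[] parameters,
                                          AsyncCallback callback, object state)
    {
        if (parameters == null || parameters.Length != 1 || parameters[0] == null)
            throw new AttributeStoreQueryFormatException("Expected exactly one parameter.");
        // Invariant casing: the Name ID must not vary with the server's locale.
        string value;
        switch (query)
        {
            case "toLower": value = parameters[0].ToLowerInvariant(); break;
            case "toUpper": value = parameters[0].ToUpperInvariant(); break;
            default:
                throw new AttributeStoreQueryFormatException("Unknown query: " + query);
        }
        // One row, one column: the single claim value to issue.
        var result = new CompletedResult(state, new[] { new[] { value } });
        if (callback != null) callback(result);
        return result;
    }

    public string[][] EndExecuteQuery(IAsyncResult result) { return ((CompletedResult)result).Rows; }

    // Minimal IAsyncResult for a query that completes synchronously.
    private sealed class CompletedResult : IAsyncResult
    {
        private readonly ManualResetEvent done = new ManualResetEvent(true);
        public CompletedResult(object state, string[][] rows) { AsyncState = state; Rows = rows; }
        public string[][] Rows { get; private set; }
        public object AsyncState { get; private set; }
        public WaitHandle AsyncWaitHandle { get { return done; } }
        public bool CompletedSynchronously { get { return true; } }
        public bool IsCompleted { get { return true; } }
    }
}
```

The Federated ID values in Salesforce have to be stored in the same case the store emits.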