Which User is Authorized?
SAML Assertions contain both NameID and Attribute data items identifying and describing the user being authorized by your identity provider. Glance uses the NameID data item to identify a user, and also uses the Attribute you specify in the User Identity Attribute Name field of Glance’s provisioning screen.
Glance users have either email addresses or Partner UIDs, or both, registered in our system. We compare the two data items in the SAML Assertion with both Email Address and Partner UID to identify the correct user.