Using Qlik SaaS solutions (QSEoCS) we intend to connect with multi cloud with our QSEoW setup. Generally things are working, but due to Open ID Connect being a specification and not a standard, some idp providers like Azure AD does not provide all claims that allows such an identity mapping to work.
The consequence is that all apps being deployed to a cloud solution gets published without an owner. This makes the "self-service" not a viable solution when using multi cloud.
In this particular case, the OIDC claim email_verified is missing. The on-prem SAML authentication that connects to this, seems to generally work.
The idea here is to be able to modify, to hardcode, to change or to alter how the identity mapping is enforced between the cloud and the on-prem solution, irrelevant of the idp provider. From the end-user point of view, everything is set up correctly (userid the same, name the same etc), but due to all different IDP providers interpreting OIDC differently, we need to be able to affect the setup in how Qlik handles the identities.