I'm using IdP 4.0.1 with SAML proxying (to Google Apps/GSuite).
I see the IdP adds <saml2:AuthenticatingAuthority>https://accounts.google.com/o/saml2?idpid=...</saml2:AuthenticatingAuthority> into AuthnContext (in AuthnStatement in AuthnAssertion)
I see this functionality was added
IDP-1117 - recording the upstream IdP as an ProxyAuthenticationPrincipal and then adding this as AuthenticatingAuthority into the AuthnContext.
Could there be a switch to suppress this behavior?
Given how much attribute mapping is done in the (proxying) IdP, I'd rather make it authoritative on its own.
Could this (suppressing the AuthenticatingAuthority) please be added as optional behavior?