We have an application that accepts a ping token, next calls ping for user and role details. For now, an user and role details returned are from Production Active Directory when running in IT or UAT. What would be easy way to get role information when we call IT Ping Fed (or UAT Ping Fed if running in uat) -- Can we specify any flag or some kind of technique that will return environment specific roles/adgroups to come from IT or PROD? Some cases application needs prod ad group/roles or some cases application needs IT or UAT roles. Can you please recommend few options or techniques?
Here is an GetRoles call:
POST: https://it-sso.company-dns.com/idp/userinfo.openid
HEADER: Authorization: (PingToken)