A common implementation between organisations involves setting up SAML and then facilitating auto-registration of users in the Notes domain.
We’ve recently needed to do this and could find no way of intercepting the authenticated SAML assertion in order to derive the incoming user details. We did consider DSAPI but opted not to go there due to lack of experience.
Finally we implemented a synchronous pre-registration step via a web service.
Is there a smarter way and not not, should there be a way?