OpenConext / Mujina

A mock IDP and SP using the OpenSAML library


Support returning group membership in SAML Auth Response

sudr opened this issue · comments

commented

It doesn't appear that the authorities are being populated as groups in the SAML auth response. Is this something that can be supported. I looked at the code and can submit a pull request if it makes sense. Let me know.

I'm sorry, but I don't know what you mean precisely. Perhaps you can show an assertion as you envision it should look?

commented

Here is an example of what the "groups" attribute in the assertion could look like.

[image: screenshot of the proposed multi-valued "groups" attribute in the assertion]

Alright. So as you probably know, it's already possible to set attribute values via the API like this (see README.md):
curl -v -H "Accept: application/json" -H "Content-type: application/json" -X PUT -d '["3b955337-a370-4f3a-94aa-601566fa6f09","ab44acba-53ee-4dbe-8842-9459fb06cb3f","ea89fae5-7431-4a33-8d84-398b15e1553f","34f8b2d4-9a9e-473a-a52b-b289f7a23c76","4189a431-2beb-4bb3-aa93-7cebcf628eae"]' https://your-mujina-location/api/attributes/groups (for attribute name just groups).

Indeed, it seems it is currently not possible to set an attribute that has slashes in the name; you will get a 404 if you POST to something like https://mujina-idp.test2.surfconext.nl/api/attributes/http%3A%2F%2Fschemas.microsoft.com%2Fws%2F2008%2F06%2Fidentity%2Fclaims%2Fgroups if you want the full URL attribute name.

A PR that would allow such attributes to be set would indeed be welcome.
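As an added illustration (not Mujina's own code) of what the multi-valued attribute discussed above looks like on the wire and how an SP would read it back, the following builds a SAML 2.0 AttributeStatement with one AttributeValue per group, extracts the values again, and shows the percent-encoded API path that the full-URI attribute name produces; the "mail" attribute and its value are constructed sample data.

```python
"""Added example: multi-valued SAML 'groups' attribute, IdP and SP side."""
import xml.etree.ElementTree as ET
from typing import Dict, List
from urllib.parse import quote

SAML2_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
ET.register_namespace("saml2", SAML2_NS)

def _tag(local: str) -> str:
    return f"{{{SAML2_NS}}}{local}"

def build_attribute_statement(attrs: Dict[str, List[str]]) -> ET.Element:
    """IdP side: each attribute gets one <AttributeValue> per value,
    which is how a multi-valued 'groups' attribute is carried in SAML 2.0."""
    stmt = ET.Element(_tag("AttributeStatement"))
    for name, values in attrs.items():
        attr = ET.SubElement(stmt, _tag("Attribute"), Name=name)
        for value in values:
            ET.SubElement(attr, _tag("AttributeValue")).text = value
    return stmt

def attribute_values(xml_text: str, name: str) -> List[str]:
    """SP side: parse the statement and collect every value of `name`.
    Matching on the exact Name string avoids confusing 'groups' with
    the full-URI claim name, which are distinct attributes."""
    stmt = ET.fromstring(xml_text)
    return [
        v.text or ""
        for a in stmt.findall(_tag("Attribute"))
        if a.get("Name") == name
        for v in a.findall(_tag("AttributeValue"))
    ]

def attribute_api_path(name: str) -> str:
    """Path for Mujina's PUT /api/attributes/{name}. A full-URI name must be
    percent-encoded (':' and '/' included), which is exactly the form the
    issue reports as currently returning a 404."""
    return "/api/attributes/" + quote(name, safe="")

if __name__ == "__main__":
    # Constructed sample values; the group ids are the ones from the README example.
    groups = ["3b955337-a370-4f3a-94aa-601566fa6f09",
              "ab44acba-53ee-4dbe-8842-9459fb06cb3f"]
    stmt = build_attribute_statement({"groups": groups, "mail": ["jdoe@example.org"]})
    xml_text = ET.tostring(stmt, encoding="unicode")
    print(xml_text)
    print(attribute_values(xml_text, "groups"))
    print(attribute_api_path("http://schemas.microsoft.com/ws/2008/06/identity/claims/groups"))
```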

commented

Ah cool! That makes sense. I hadn't considered that I could post a multi-value attribute. I'll take a peek at supporting "/" in the attribute name. I don't really need it for my purposes but would be happy to contribute the enhancement.