Is it possible to have en external IDP, let the user login via the IDP and then use SAML2 attributes in a header injection to webpage behind NAM without creating a local user (no user matching or provisioning)? Today we create a local user and use "LDAP Attribute" to inject information but we'd rather just have the user information there while logged in.