This may sound like an odd request, but I'm trying to see if there is a way I can use variable data, like LDAP attributes or Virtual attributes, within a Redirect URL in an Auth policy, almost like a macro?

I want to craft some "smart" links to redirect users to various Office 365 services, but the problem is I have 60+ domains to deal with. The Microsoft smart links have the domain as a component.

For example, if I want to send a user to Outlook Web Access, bypassing the "Select an Account Page", I use a smart link like this:

Code:
https://login.microsoftonline.com/login.srf?wa=wsignin1.0&whr=mydomainhere.com&wreply=https://outlook.office365.com/owa/
Where "mydomainhere.com" is replaced with the user's federated domain in Office 365.

What I'd like to do is grab it off the user's UPN or mail attribute and "craft" the URL on the fly in a policy.

Any ideas how I could do something like that right in NAM?

Thanks.

Matt