We are implementing a Custom Apex JIT Handler for a Single Sign On Configuration. The JIT Handler is invoked by the system using the following methods:
- global User createUser(Id samlSsoProviderId, Id communityId, Id portalId, String federationIdentifier, Map<String, String> attributes, String assertion)
- global void updateUser(Id userId, Id samlSsoProviderId, Id communityId, Id portalId, String federationIdentifier, Map<String, String> attributes, String assertion)

When the assertion is not encrypted we get all of the parameters passed in to these methods. When the assertion is encrypted everything is passed in but the attributes parameter is empty.

Has anyone experienced this issue?