Thanks for the clarification.
The SAMLIdentityProvider.InitiateSSO and SAMLIdentityProvider.SendSSO methods that create and send SAML responses, don't expose a method for setting the NameQualifier. Nor can this be specified through the SAML configuration. In our experience, the NameQualifier isn't used often.
You can implement the ISAMLObserver interface by extending the AbstractSAMLObserver class. These are under the ComponentSpace.SAML2.Notifications namespace.
The OnSAMLAssertionCreated method provides you with access to the SAMLAssertion object which you may modify as required.
You register your ISAMLObserver implementation by calling SAMLObservable.Subscribe.
Having said this, would you mind contacting [email protected]
? We might look at adding this support through the SAML configuration but I'd like to ensure we fully understand your requirements.