Filtering applications
If you want to decide which users should see which applications, you can do that through roles.
If an application has the requires_any_role parameter :
"requires_any_role": "Office365",Then only user with incoming SAML assertion parameter roles with value Office365 will have that application available.
