Currently, scope attribute mappings(ie. email=mail) are hard coded within OpenAMScopeValidator class. This is a sample scope validator class which the source code is provided to users for customization, but it would be nice to have these mappings to be configurable via admin console like users can with SAML. In each SAML configuration you can map a SAML attribute to a user attribute. This functionality would account for the potential for multiple email addresses and other attributes that don't always follow the suggested LDAPv3 attribute names.