Saml issue


I’m using the /delegation endpoint to generate AWS API keys in order to access dynamodb data. Problem is that in AWS I have a policy that will allow access to only ${saml:sub} but saml:sub is auth0|longid, is there a way to make saml:sub to contain ONLY that longid?