TommyC.44066 (Customer) asked a question.
We are currently testing the Okta Hub & Spoke model.
We have successfully managed to setup a Hub, Spoke and routing based on application.
When a user present in the Spoke using the appropriate application I can authenticate.
Part of our requirement though is to restrict any form of PII (including email addresses) to leak from our Spoke Org(s) to our Hub Org. We have very strict policies governing our requirements on this topic.
With this in mind I am attempting to limit the data being exchanged via SAML to only our internal identifiers when JIT on the Hub has to create an entity.
I have read numerous documents and scanning the support questions have not come across a clear case matching our requirement. Though the Hub & Spoke model is marketed as a perfect model to solve this problem.
Has anyone had any success with this and are there clear step-by-step guides available to explain to us how to successfully implement this type of model?

I don't know of any out-of-the-box solution for this.
I know that we have HIPAA/FedRAMP compliant environment org options that might treat PII differently than regular orgs but I'm not sure even those would offer a way to keep PII separated if you have multiple orgs involved.
My advise would be to reach out to your Okta Account Executive or Customer Success Manager to discuss options.
If you do not know who they are or don't have their contact info, just open a case and ask our Support team to put you in touch.
I hope that will help or at least give you a definitive answer!