Changes

Single Sign-On

42 bytes removed, 9 December
Expected Behaviour for Role Mapping
<!--Ticket#124791 - SSO to update roles for existing users for a fully federated SSO-->
 
''' '''<br />'''''Role Mapping'''''''' set to ''''''''Disabled'''''''' / ''''''''Create New User'''''''' on ''''''''No Match'''''''' is ''''''''OFF'''''
* User will not be created if user does not exist in the SmartSimple instance
* Only existing users in the SmartSimple instance will be able to login and no role/status updates for existing users
<br />'''''Role Mapping ''''''''set to ''''''''Disabled'''''''' / ''''''''Create New User'''''''' on ''''''''No Match'''''''' is ''''''''ON''''''''  '''
* '''''Define User Roles Through Custom Attribute '''is ''' OFF''''' User will be created with default new user role / default new user status settings if user does not exist in the SmartSimple instance* '''''Define User Roles Through Custom Attribute '''is ''' ON''''' User will be created with the roles listed in SSO assertion 'Roles' if users does not exist in the SmartSimple instance  (role names should align with system role names in instance)
* No role/status updates for existing users
<br />'''''Role Mapping'''''''' set to ''''''''Enabled'''''''' / ''''''''Create New User'''''''' on ''''''''No Match'''''''' is ''''''''OFF'''''
* '''''Create New User'''''''' on ''''''''No Match'''''''' is ''''''''OFF''''' User should not be created on the system if not already created when using SSO to access system* '''''Create New User'''''''' on ''''''''No Match'''''''' is ''''''''ON''''' User will be created with default new user role / default new user status settings if user does not exist in the SmartSimple instance
* Existing users: no change for existing roles that are '''NOT''' within the list of "'''Roles to be Monitored'''"
* Existing users: roles that are in the list of "'''Roles to be Monitored'''" will be updated, based on Role Mapping, the user will be provisioned with all the roles as defined by the assertion attributes, and will be stripped of any roles that they may currently possess that are listed in this setting but were not defined in the assertion attributes.
Smartstaff
136
edits