Idea ID: 1661116

Add a setting that determines if users are created automatically in BO when SSO is enabled

Status : Declined
over 2 years ago

There is already a QCCR opened for this request -QCCR1E149323

It is said that an idea exchange is required.

The backgroud is that in SAML enabled environment, custom created one script by their own which imports users to IDM directly, along with additional user rights settings. 

Custom problem is: 
When not imported users try to access SMAX, the user is identified by SSO, BO has no imported record for the user and automatically creates it in SMAX.

This can happen because of a delay in the import job. The user is created in SAML IDP but not imported in SMAX as the script has not been run yet. This leads two different issues:

a> The automatically created user do not get the right settings like the imported users.

b> When the user is imported by the scheduled script we end up with a duplicate and the user is not able to log on

Custom expectation: A configuration so that a user who does not exists in SMAX  cannot log in even if it exists in AD/IDM solution set up for SSO
 
 

Tags:

  • Thank you for your idea. At this time, your idea hasn’t received enough community support and doesn’t align with our priorities so we are closing this idea. But we may review this again in the future. Thank you for your support and continue posting & voting on ideas to help make our products better.
  • Thank you for sharing your idea! It’s open for comments and kudos, and we’re looking forward to input from the community. Once there is enough community traction, it will be further reviewed by the product team

  • Hi  - just to let you know that I haven't changed the status of this to "waiting for votes" as there is some discussion related to the originally logged case. I'll update this idea once we have the outcome of that. Thanks!