NA Business Team
Category
Integration
Product Version
8.0
SAML Bridge - Specify the Client Org for Auto Provisioning
Completed
Hi,
We are setting up SSO with the SAML Bridge from the YF Marketplace, which works fine (thanks, sure saved me some time!). However, we are currently unable to enable the Auto Provision function with our multi-tenanted deployment.
It seems like new users are created automatically in the Default Client Org, and there is no option to change that-- only to set the default roles. Conversely, in Yellowfin it's not possible to add a Role to a Client Org, only specific People or an LDAP group.
For various reasons, it make sense to deploy one SAML Bridge per tenant, so this can be resolved by adding the Client Ref ID as as setting in the web.xml file.
Regards,
Bogdan.
I like this idea 
Hi Bodgan,
After chatting with the devs over here, this sounds like a feasible request, so I've gone ahead and raised a tasked to be reviewed by the product team in the future.
However, the ability to add users to an org based on role, has been added as a different idea here ,
Please let me know if you have any questions on this.
Thanks,
David
Hi Bodgan,
After chatting with the devs over here, this sounds like a feasible request, so I've gone ahead and raised a tasked to be reviewed by the product team in the future.
However, the ability to add users to an org based on role, has been added as a different idea here ,
Please let me know if you have any questions on this.
Thanks,
David
Hi Bodgan,
So have some good news on this! This is now possible by using the latest SAML bridge connector.
It will now accept the OrgRefId (This is the org reference name, not the OrgID). To use this, you will need to do the following;
Replace 3 files in samlbridge folder:
Please let us know how it all goes!
Regards,
David
Hi Bodgan,
So have some good news on this! This is now possible by using the latest SAML bridge connector.
It will now accept the OrgRefId (This is the org reference name, not the OrgID). To use this, you will need to do the following;
Replace 3 files in samlbridge folder:
Please let us know how it all goes!
Regards,
David
Hi David,
Appreciate the update.
However, our requirements have changed on this one and we are no-longer deploying a SAML bridge per tenant - so won't be needing this functionality after all.
Hope it comes in handy for others however. Perhaps the concept can be generalised to taking the OrgRefId from the assertion or the config?
Regards,
Bogdan.
Hi David,
Appreciate the update.
However, our requirements have changed on this one and we are no-longer deploying a SAML bridge per tenant - so won't be needing this functionality after all.
Hope it comes in handy for others however. Perhaps the concept can be generalised to taking the OrgRefId from the assertion or the config?
Regards,
Bogdan.
Replies have been locked on this page!