Provision users to use SSO

AD

When provisioning new users, you can set them to use SSO by assigning them to an SSO security policy. If you are using a SAML User ID Type of Federated ID, you must set the Federated ID value in the user profile. Note that Federated IDs must be unique within a domain.

About SAML user ID types

The two options are Network User Name and Federated ID.

  • Choose Network User Name if you plan to store Network user name as an attribute in your IdP user directory, or if the Network user name happens to exactly match your enterprise user names. Basically, this puts the burden on the IdP to map enterprise user name to Network user name.
  • Choose Federated ID if you plan to store enterprise user name in the Federated ID field on the Network user profile. This puts the burden on Network to map from enterprise user name to Network user name.