Looking for Reference Implementation / Flows for Group assignment from IdP Tokens (OIDC or SAML)
I'm starting an SSO integration with Decisions and want to map my Group claims from my IdP tokens to my user accounts in Decisions.
I see that I can create a custom flow that will be run at every login, however, I was looking if anyone had reference implementations that I could use which extracts groupIds from SAML tokens (XML) or group claims from JWT tokens to modify user account permissions.
Comments
-
Hello,
Thank you for contacting Decisions Support.
Using a SAML Login flow to run after each log in will allow passing in a list of Assertion Attributes These attributes are now organized in pairs containing the Attribute Name and Value. You can use a filter list step to filter out any unnecessary attribute names. The remaining attribute values would be associated with the value name with for groups. After getting the list, you can add additional logic to add any account to the necessary groups. This is just a brief overview on how you can extract the IDs.
Warning: Please Note: The examples attached were developed to be instructional, and were not developed as officially supported components. For more information or to engage our service team to develop fully supported, production quality solutions, please contact: services@decisions.com
Thank you,
Kobe
Howdy, Stranger!
Categories
- 4.3K All Categories
- 70 General
- 11 Training
- 206 Installation / Setup
- 1.1K Flows
- 109 Rules
- 267 Administration
- 212 Portal
- 496 General Q & A
- 706 Forms
- 338 Reports
- 3 Designer Extensions
- 48 Example Flows
- 56 CSS Examples
- 1 Diagram Tile
- 7 Javascript Controls
- 184 Pages
- 5 Process Mining
- New Features
- 182 Datastructures
- 69 Repository
- 228 Integrations
- 28 Multi-Tenant
- 27 SDK
- 81 Modules
- 57 Settings
- 25 Active Directory
- 12 Version 7
- 35 Version 8
- 130 Lunch And Learn Questions