Sync users from Azure AD to Decisions

Comments

  • We are using SAML, and were wondering if the setup we have can sync the users from our AD to the Decisions server? In testing I cannot see user accounts until they attempt login. So, with this configuration we have to wait for someone to log in before we can assign them to a group. What are the options to have user accounts sync or be automatically added to a group that we designate based on domain name?

  • A quick answer to your question is kinda, but not in any easy or scalable way. Since you are using SSO, we outsourced the entire login/account process to SAML. Technically, yes, you could run an AD sync and bring in all the users at one time, but it wouldn't be dynamic, and they would be created as native accounts, which means there would have to be some additional cleanup action to convert them into SAML accounts.

    As far as handling group assignments or any changes you want to make to the accounts, you can leverage some native features we have, like our SAML login flow, to parse through the accounts as they log in and assign them to groups, or update attributes. If you want this to be dynamic, and happen each time at login, you would need to upgrade to Decisions version 6.10 or later to take advantage of the attribute "run flow on each log in", which would allow you to dynamically interact with these accounts each time they log in.
