Changes for page Single Sign-On (SSO) via SAML
Last modified by Mark Kohlmann on 2025/05/10 00:45
From version 2.1
edited by Mark Kohlmann
on 2025/05/09 19:59
on 2025/05/09 19:59
Change comment:
There is no comment for this version
To version 3.2
edited by Mark Kohlmann
on 2025/05/10 00:45
on 2025/05/10 00:45
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -18,58 +18,15 @@ 18 18 ==== SAML IdP Claim Mapping: ==== 19 19 20 20 |=Function|=Attribute Name|=Required|=Expected Value|=Sample Values|=Notes 21 -|User Id| 21 +|User Id|{{{http://schemas.microsoft.com/identity/claims/objectidentifier}}}|Y|GUID or unique identifier within the IdP system|{{{101507cb-90da-473d-bfa7-9967979824e7 00ab9c907defGhIJ1697}}}|If a GUID is not returned then the value is hashed and converted to a GUID 22 +|Username|{{{http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier}}}|Y|username or email address|{{{john.doe jane.doe@example.com}}}| 23 +|Display Name|{{{http://schemas.microsoft.com/identity/claims/displayname}}}|Y|User's name|Example: John|{{{John Doe}}}| 24 +|User Group|{{{http://schemas.microsoft.com/ws/2008/06/identity/claims/role}}}|Y|User's Group Name|{{{Administrators End Users General Users}}}|Must match a ShowRunner User Group name 25 +|PIN|pin|N|User's passcode/PIN code for touchscreen|{{{123456}}}| 26 +|Touchscreen Access Level|touchscreenAccessLevel|N|Access level for the user when access a touchscreen|{{{Valid Values: None, Technician, User Example: Technician}}}| 27 +|Login Permitted|userLoginPermitted|N|Locations where a user can login. Multiple values are supported|{{{Valid Values: None, Touchpanel, Web Example: Touchpanel,Web}}}|Comma separated listed of valid values 28 +|Login Method|userLoginMethod|N|How a user can login|{{{Valid Values: None, Username, PIN Example: Username,PIN}}}|Comma separated listed of valid values 22 22 23 -{{{http://schemas.microsoft.com/identity/claims/objectidentifier}}}|Y|GUID or unique identifier within the IdP system| 24 - 25 -{{{101507cb-90da-473d-bfa7-9967979824e7 26 -00ab9c907defGhIJ1697}}}|If a GUID is not returned then the value is hashed and converted to a GUID 27 -|Username| 28 - 29 -{{{http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier}}}|Y|username or email address| 30 - 31 -{{{john.doe 32 -jane.doe@example.com}}}| 33 -|Display Name| 34 - 35 -{{{http://schemas.microsoft.com/identity/claims/displayname}}}|Y|User's name 36 -Example: John| 37 - 38 -{{{John Doe}}}| 39 -|User Group| 40 - 41 -{{{http://schemas.microsoft.com/ws/2008/06/identity/claims/role}}}|Y|User's Group Name| 42 - 43 -{{{Administrators 44 - 45 -End Users 46 - 47 -General Users}}}|Must match a ShowRunner User Group name 48 -|PIN|pin|N|User's passcode/PIN code for touchscreen| 49 - 50 -{{{123456}}}| 51 -|Touchscreen Access Level|touchscreenAccessLevel|N|Access level for the user when access a touchscreen| 52 - 53 -{{{Valid Values: 54 -None, Technician, User 55 - 56 -Example: 57 -Technician}}}| 58 -|Login Permitted|userLoginPermitted|N|Locations where a user can login. Multiple values are supported| 59 - 60 -{{{Valid Values: 61 -None, Touchpanel, Web 62 - 63 -Example: 64 -Touchpanel,Web}}}|Comma separated listed of valid values 65 -|Login Method|userLoginMethod|N|How a user can login| 66 - 67 -{{{Valid Values: 68 -None, Username, PIN 69 - 70 -Example: 71 -Username,PIN}}}|Comma separated listed of valid values 72 - 73 73 ==== Notes: ==== 74 74 75 75 * Value mapping must be done on IdP side