Changes for page Single Sign-On (SSO) via SAML
Last modified by Mark Kohlmann on 2025/05/10 00:45
From version 3.1
edited by Mark Kohlmann
on 2025/05/10 00:25
on 2025/05/10 00:25
Change comment:
There is no comment for this version
To version 3.2
edited by Mark Kohlmann
on 2025/05/10 00:45
on 2025/05/10 00:45
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -18,47 +18,15 @@ 18 18 ==== SAML IdP Claim Mapping: ==== 19 19 20 20 |=Function|=Attribute Name|=Required|=Expected Value|=Sample Values|=Notes 21 -|User Id| 21 +|User Id|{{{http://schemas.microsoft.com/identity/claims/objectidentifier}}}|Y|GUID or unique identifier within the IdP system|{{{101507cb-90da-473d-bfa7-9967979824e7 00ab9c907defGhIJ1697}}}|If a GUID is not returned then the value is hashed and converted to a GUID 22 +|Username|{{{http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier}}}|Y|username or email address|{{{john.doe jane.doe@example.com}}}| 23 +|Display Name|{{{http://schemas.microsoft.com/identity/claims/displayname}}}|Y|User's name|Example: John|{{{John Doe}}}| 24 +|User Group|{{{http://schemas.microsoft.com/ws/2008/06/identity/claims/role}}}|Y|User's Group Name|{{{Administrators End Users General Users}}}|Must match a ShowRunner User Group name 25 +|PIN|pin|N|User's passcode/PIN code for touchscreen|{{{123456}}}| 26 +|Touchscreen Access Level|touchscreenAccessLevel|N|Access level for the user when access a touchscreen|{{{Valid Values: None, Technician, User Example: Technician}}}| 27 +|Login Permitted|userLoginPermitted|N|Locations where a user can login. Multiple values are supported|{{{Valid Values: None, Touchpanel, Web Example: Touchpanel,Web}}}|Comma separated listed of valid values 28 +|Login Method|userLoginMethod|N|How a user can login|{{{Valid Values: None, Username, PIN Example: Username,PIN}}}|Comma separated listed of valid values 22 22 23 -{{{http://schemas.microsoft.com/identity/claims/objectidentifier}}}|Y|GUID or unique identifier within the IdP system| 24 - 25 -{{{101507cb-90da-473d-bfa7-9967979824e7 00ab9c907defGhIJ1697}}}|If a GUID is not returned then the value is hashed and converted to a GUID 26 - 27 -|Username| 28 - 29 -{{{http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier}}}|Y|username or email address| 30 - 31 -{{{john.doe jane.doe@example.com}}}| 32 - 33 -|Display Name| 34 - 35 -{{{http://schemas.microsoft.com/identity/claims/displayname}}}|Y|User's name 36 -Example: John| 37 - 38 -{{{John Doe}}}| 39 - 40 -|User Group| 41 - 42 -{{{http://schemas.microsoft.com/ws/2008/06/identity/claims/role}}}|Y|User's Group Name| 43 - 44 -{{{Administrators End Users General Users}}}|Must match a ShowRunner User Group name 45 - 46 -|PIN|pin|N|User's passcode/PIN code for touchscreen| 47 - 48 -{{{123456}}}| 49 - 50 -|Touchscreen Access Level|touchscreenAccessLevel|N|Access level for the user when access a touchscreen| 51 - 52 -{{{Valid Values: None, Technician, User Example: Technician}}}| 53 - 54 -|Login Permitted|userLoginPermitted|N|Locations where a user can login. Multiple values are supported| 55 - 56 -{{{Valid Values: None, Touchpanel, Web Example: Touchpanel,Web}}}|Comma separated listed of valid values 57 - 58 -|Login Method|userLoginMethod|N|How a user can login| 59 - 60 -{{{Valid Values: None, Username, PIN Example: Username,PIN}}}|Comma separated listed of valid values 61 - 62 62 ==== Notes: ==== 63 63 64 64 * Value mapping must be done on IdP side