Enable SAML automatic user account provisioning
- 版本:
- 已更新: 2024/03/21
Enable SAML automatic user account provisioning
The SAML automatic user account provisioning option automatically creates, updates, and activates Identity Provider (IdP) user accounts and provisions them in the Control Room using SAML authentication.
Prerequisites
Note: This feature requires the Enterprise Platform
license. Contact your Automation Anywhere account representative for more information
about this license.
The following is the workflow for SAML automatic user account provisioning:
- An IdP user signs in to the Control Room.
- The IdP user is redirected to their IdP SSO sign in page.
- The IdP user authenticates on their IdP sign in screen.
- A SAML assertion that includes the user details is sent from their IdP to the Control Room.
- The Control Room validates the SAML assertion with the IdP
group mapping configured in the Control Room and performs the
following actions:
- If the user does not exist in the Control Room, the user is created with the attributes included in the SAML assertion and assigned the roles as configured in the IdP group mapping.
- If the user already exists in the Control Room and is active, the Control Room validates the SAML assertion to identify any changes in the user information and roles and updates the user information accordingly.
- If the user already exists in the Control Room and is inactive, the Control Room enables the user, validates the SAML assertion to identify any changes in the user information and roles, and updates the user information accordingly.