Using email instead of user_name on SSO

Keith Gonzales · ‎02-10-2022

Hi.

I just want to ask, is it possible to use the email field instead of the user_name field when using external login? Our users are synched from AD, and some of their usernames exceed 40 characters, so when they try to login, the system couldn't find their user_name because it's truncated. I found two properties in sys_properties table:

glide.authenticate.header.value
glide.authenticate.multisso.login_locate.user_field

both of which has user_name as their value. The second one is the property listed in the Multi-Provider SSO > Administration > Properties. I wonder what property we could change to email and what other configurations we have to do after changing the property?

Has anyone ever tried this before?

I've already seen questions like this, but the authors didn't verify if the answers they received were helpful.

Thank you very much for taking your time to read (and hopefully answer too) this post.

shloke04 · ‎02-10-2022

Yes you can use it. We are also using email for us instead of User Name.

You need to follow the steps below to achieve this:

1) Navigate to the module "Identity Provider" and open the SSO record which you have configured and then under "Advanced" tab change user_name to Email as shown below

2) Also after this, Navigate to the properties module and make sure to change it here as well as shown below:

Also after these changes are done you need to work with your OKTA team as well to make this change at their end as well so that user can authenticate correctly.

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke

View solution in original post

shloke04 · ‎02-10-2022

Yes you can use it. We are also using email for us instead of User Name.

You need to follow the steps below to achieve this:

1) Navigate to the module "Identity Provider" and open the SSO record which you have configured and then under "Advanced" tab change user_name to Email as shown below

2) Also after this, Navigate to the properties module and make sure to change it here as well as shown below:

Also after these changes are done you need to work with your OKTA team as well to make this change at their end as well so that user can authenticate correctly.

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke

Keith Gonzales · ‎02-10-2022

Hi, Shloke.

For number 1: the user field was already set to email even before I asked this question, so I think the system has been using email for SSO the whole time. From the screenshot the user has provided, they were able to login just fine because I can see their name on the upper right corner, but can't access anything, just 404.

For number 2: the property is set to user_name.

I tried impersonating the user to check if I'll get the same issue, but I didn't I can access things just fine.

Could this be what's throwing the error, the difference between the property and the user_field in advanced tab?

shloke04 · ‎02-10-2022

Can be the case. Try setting the property to email as well and then check again.

Regards,

Shloke

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke