Using email instead of user_name on SSO

Go to solution
Keith Gonzales
Kilo Sage

‎02-10-2022 07:45 PM

Hi.

I just want to ask, is it possible to use the email field instead of the user_name field when using external login? Our users are synched from AD, and some of their usernames exceed 40 characters, so when they try to login, the system couldn't find their user_name because it's truncated. I found two properties in sys_properties table:

  • glide.authenticate.header.value
  • glide.authenticate.multisso.login_locate.user_field

both of which has user_name as their value. The second one is the property listed in the Multi-Provider SSO > Administration > Properties. I wonder what property we could change to email and what other configurations we have to do after changing the property?

Has anyone ever tried this before?

I've already seen questions like this, but the authors didn't verify if the answers they received were helpful.

Thank you very much for taking your time to read (and hopefully answer too) this post.

  • 5,796 Views
1 ACCEPTED SOLUTION

Go to solution
shloke04
Kilo Patron

‎02-10-2022 09:23 PM

Yes you can use it. We are also using email for us instead of User Name.

You need to follow the steps below to achieve this:

1) Navigate to the module "Identity Provider" and open the SSO record which you have configured and then under "Advanced" tab change user_name to Email as shown below

find_real_file.png

find_real_file.png

 

2) Also after this, Navigate to the properties module and make sure to change it here as well as shown below:

find_real_file.png

find_real_file.png

 

Also after these changes are done you need to work with your OKTA team as well to make this change at their end as well so that user can authenticate correctly.

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke

View solution in original post

Preview file
32 KB
Preview file
93 KB
Preview file
78 KB
Preview file
32 KB
Preview file
37 KB
7 REPLIES 7

Go to solution
Logan Poynter
Mega Sage
Mega Sage

‎02-10-2022 08:08 PM

You can use email, the default is just user_name and you were in the right Properties. In the property The field on the user table that identifies a user accessing the User identification login page, enter the field on the User table that contains the value the IdP uses to identify the user. The default value is user_name.
0 Helpfuls

Go to solution
Nayan Mahato
Tera Guru

‎02-10-2022 08:08 PM

Hi Keith,

You simply go to the "Identity provide page" and on that page under the advance section just change the user field with email and it should work. Thanks.

find_real_file.png

find_real_file.png

Regards,

Nayan

Preview file
58 KB
Preview file
26 KB

Go to solution
Keith Gonzales
Kilo Sage
In response to Nayan Mahato

‎02-10-2022 08:31 PM

Hi, Nayan.

What are the values in your instance for the properties I mentioned above?

0 Helpfuls

Go to solution
Nayan Mahato
Tera Guru
In response to Keith Gonzales

‎02-11-2022 08:26 AM

Hi Keith,

you just need to change the user field value to email in the advance tab and another to the below multi-provider SSO properties page . Thanks.

find_real_file.png

Regards,

Nayan

 

Preview file
69 KB
0 Helpfuls