...
Field | Description | Default value |
|---|---|---|
Legacy user mapping by username | Map Link users from user directory based on their username. This is a legacy option for backwards compatibility and should not be used on new user directories. This option is mutually exclusive with Link user with directory and Link ID fields. | False (not checked) |
Link user with directory | If true, link is made between existing Trivore ID user account and external user. This option is required is users are expected to this directory for sign-in instead of simply updating their attributes for, for example, strong identification purposes. Strong identification use-case assumes that user is already logged in and therefore link is not required. | Depends on directory. ADFS and generic SAML directories have this enabled whereas Suomi.fi directory has this disabled as it is most commonly used for strong identification only. |
Use NameID based linking | Use SAML special attribute NameID as identifying attribute (Link ID). Enabling this option disables the Link ID field as these fields are mutually exclusive. Please note that it is possible to refer to this attribute in Link ID field with its name NameID too (which nowadays makes this field kind of redundant) | True (checked) |
Use NameID as username | Use SAML special attribute NameID as username. Enabling this option disables the username field as these fields are mutually exclusive. Username field is available only if manual username policy is selected. Please note that it is possible to refer to this attribute in Link ID field with its name NameID too (which nowadays makes this field kind of redundant) | False (not checked) |
Hash username with SHA-1 | Hashes username values using SHA-1 algorithm. Useful if username values contain sensitive information. | False (not checked) |