Hi all,
I followed this doc : https://docs.apigee.com/api-platform/system-administration/enabling-saml-authentication-edge to enable SSO with SAML on my private cloud apigee instance.
It works fine, but when I authenticate, I’ve got an error because my user has not been previously created in apigee.
Is there a way to use a custom class implementation after SSO to be able to create apigee user automatically ?
Also, I would like to get the users authorizations during SSO (my IDP put them in the SAML assertion).
Is there a way to access SAML assertion in an implementation of ExternalRoleMapperServiceV2 ? (I refer to https://docs.apigee.com/private-cloud/v4.18.05/external-role-mapping)).
Thanking you,
According to this article https://www.drupal.org/docs/8/modules/apigee-edge/what-information-is-stored-on-apigee-edge , the user should be automatically created on Apigee edge after user creation on Drupal portal, right?
Thanks for your answer.
I’am not using drupal dev portal, I’am using Edge-UI to authenticate my org employees.
either you can try to disable sso, create user and re-enable,
or you can try to create user with this management API:
https://apidocs.apigee.com/docs/users/1/routes/users/post
about automation, you can use IDM systems - first > create the user inside IDM (saml\ad or whatever you are using for your saml provider), next - use management API and create user. I remember you can map groups with AD and local LDAP groups(and now I see you provided the link), but creating user via that - not sure. Need to look @ the java code to see what it does, either way not sure it will be supported.