No more manual user group and resource role management within EPC forever! When a user is newly hired, or changes Role/Title within the organization IdP (SSO/SAML2) – immediately upon EPC login, the system will automatically add/update their Groups and Role(s) / Title(s) within EPC.
Zero human intervention required forever (user, resource, roles & groups) means AUTOMATIC:
- Addition and removal of a user’s group(s)
- Import of user as a resource into a new environment with access permission
- Addition / removal and publishing of resource title(s) / role(s)
- Creation of confirmation & training tasks based on user’s new role(s)
- Un-touch / maintain all supplementary EPC defined & assigned roles
- Un-touch / maintain all supplementary EPC defined & assigned groups
- Alignment and reuse of current epc groups with Idp groups based on name (no duplication)
How it works
To enable this feature, system admins need to modify the ENABLE_SAML_SYNC_GROUPS and ENABLE_SAML_SYNC_TITLE Advanced settings from ‘false’ to ‘true’.
Additional Rules
- If a user is associated with a group within AD that is not already in EPC, EPC will automatically create the group and add the user to it.
- If a user is already a member of a group that is not valid in AD, and the group assignment was made via AD (and not within EPC), the user will be removed from the group.
- If a user is associated with a group in EPC that was not originally created by AD, the user will remain a member of that group.
- When a user logs in EPC, the system creates the user’s resource and associated role(s) if they do not already exist. Then, the system assigns the resource to the role(s).
Hinterlasse einen Kommentar.