Question
Toyota Financial Services
AU
Last activity: 10 Feb 2020 20:05 EST
SSO -SAML - AD User ID format in PEGA
Currently, the organisation is using LDAP Authentication. The user's will login with the Windows Network ID and password. Now, the organisation is moving to use SSO Authentication. Implemented the successful handshake between the Azure AD and Pega Cloud.
But, as part of the implementation, there is an SSO login failure with the Network ID. The SSO login is successful if we created the PEGA Operator ID record with full user email address [email protected]. The Azure AD team transformed to pass the unique identifier {uid} as the operator network id[For example - abcd] as present in PEGA. But, there is an SSO failure with the message "Unable to process the SAML WebSSO request : Unable to derive operator from SAML assertion".
Can you please let us know, is there any user id format to follow in Pega to implement the SSO with the Azure AD?
FYI… Reference Articles:
***Edited by Moderator: Lochan to update platform capability tags***
Accepted Solution
Updated: 10 Feb 2020 20:05 EST
Pegasystems Inc.
IN
Hi,
The error description says that, the assertion attribute which is coming from AD is unable to find the derived operator in the pega systems.
You can achieve this in following ways.
- Using subject id from the assertion attributes.
- Creating the model operator and map atleast one attribute to create model operator.
Accepted Solution
Updated: 10 Feb 2020 20:05 EST
Pegasystems Inc.
IN
Hi,
The error description says that, the assertion attribute which is coming from AD is unable to find the derived operator in the pega systems.
You can achieve this in following ways.
- Using subject id from the assertion attributes.
- Creating the model operator and map atleast one attribute to create model operator.