Configuring NameID during SAML SSO
Not every cloud application uses email address for user account mapping during SAML SSO. You can accomplish this by adjusting the User Details.
- For flexibility, theand select the user to open the User Details Dialog. This dialog contains multiple attribute fields that can be populated manually or auto-populated via SAML or Active Directory Sync*.
- These fields include Netbios\SAM, SAM, UPN, ObjectGuid, as well as two Custom Attributes that can be manually configured.
- *Active Directory Sync can populate all of the fields except for the Custom Attributes.
- These fields include Netbios\SAM, SAM, UPN, ObjectGuid, as well as two Custom Attributes that can be manually configured.
- The attribute fields can be passed as the NameID claim during SAML SSO in situations where an email address is not sufficient or desired by the cloud app.
- The selected SAML NameID attribute is pulled from the associated User Details field and sent in the SAML Response from Forcepoint ONE SSE to the cloud app.
Navigate to the
and select the user to open the User Details Dialog. In the User Details Dialog you will notice the Custom Attribute fields.