Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 2 Next »

Difficulty: expert

Content

Learning Objectives

After reading this article, you’ll be able to:

  • understand the flow of creation of Workplace users

  • understand the flow of updating user information through IDP

As an additional feature of Workplace SSO (see https://spacewell.atlassian.net/wiki/spaces/KB/pages/63799364/How+to+set+up+Workplace+SSO?atl_f=content-tree), user creation for Workplace Experience and Workplace Management can be configured, as such providing an alternative to an HR interface.

Automatic creation of Workplace users

The set-up of Workplace SSO has the hidden advantage that for every (new) Workplace user signing in, upon first login, Workplace creates an account on-the-fly (both in Workplace Management and Experience) and the user can start using the system.

image-20240124-132126.png

Auto-create user: A user logging in with Workplace ID (tenant.ID) or e-mail address is recognized as being part of a tenant where SSO has been setup and Workplace will automatically create a Cobundu account.

“Local Attribute mapping of IWMS User ID” dropdown: assuming the IWMS account already exists, this object defines which element of the IWMS user Cobundu will check to do the mapping (this field becomes redundant when “Auto-create IWMS Account” is enabled). Can be considered the joint piece of information available in both Identity Provider and IWMS, that will be used by Cobundu to map both.

Auto-create user is possible without any email domain being whitelisted, but then the user needs to log in with tenant specific ID or go through customer specific URL.

Best practice is to only enable “Auto-create user” when an email domain is whitelisted in the configuration.

Auto-create IWMS user: A user logging in with Workplace ID (tenant.ID) or e-mail address is recognized as being part of a tenant where SSO has been setup and Workplace will automatically create a Cobundu account AND an Axxerion account.

Auto-create IWMS user can only be enabled if Auto-create user is enabled.

Automatic update of Workplace users

The Identity provider is considered as the single source of truth. In other words: if the user is created automatically, the information is managed externally.

To make sure Workplace is always up-to-date with the user information, at each login (of an automatically created user), the following attributes are checked and updated (in both Workplace Management and Experience, if auto-creation is enabled for both):

  • user first name

  • last name

  • IWMS ID

Automatic Deletion of Workplace users

See Anonymizing data on how to delete or anonymize users in Workplace Management/Asset, so users will also be deleted in Workplace.

Untitled-20241120-160850.png

To start using this feature, contact your Spacewell Account Manager.

Search

  • No labels