open id 

HomeActive Directory

Issues related to Active Directory

Safely Changing Email for SAML-Enabled Accounts Messages in this topic - RSS

jpfazzan
jpfazzan
Posts: 2


1/12/2021
jpfazzan
jpfazzan
Posts: 2
Our organization uses Microsoft Graph to federate passwordless authentication to customer IDPs or use token-based logins to users without a federated IDP. We create a simple account in our Azure AD to track identity during the invite process as well as write details down to Decisions local accounts via our SAML account creation flow.


I'd like to understand how we should go about tying a Decisions account to a different username/userID after the user has been provisioned? For example:
  • User wants to change their email address
  • User switches from an Outlook.com account to a gmail.com account (they would potentially have two different Azure IDs)



Would it be possible to design a flow which can take in a request for an email change and automate updates? e.g. REST PATCH to the Azure AD record, adding the fka email to otherEmails, updating the userId/Primary email for the user's account, and if necessary rekeying any assignments or dashboard workflow extensions to list the new email address.
0 link






Powered by Jitbit Forum 8.3.8.0 © 2006-2013 Jitbit Software