Automatic user creation automatically generates new user accounts on your behalf when your users go through the SSO authenticate process. This feature provides granular control of what user roles Aembit assigns to new users it creates. For more details, see how automatic user creation works.
Prerequisites
Section titled “Prerequisites”To enable automatic user creation in your Aembit tenant, you must have the following:
-
A Teams or Enterprise subscription plan.
-
Your Identity Provider’s (IdP) SAML group claim information attribute names and values.
Map IdP SAML attributes to Aembit user roles
Section titled “Map IdP SAML attributes to Aembit user roles”To map the group information sent from your Identity Provider to the roles available in your tenant, follow these steps:
-
Log in to your Aembit tenant.
-
In the left sidebar mene go to Administration —> Identity Providers.
-
Create a new Identity Provider or edit an existing one, and then select the Mappings tab.
-
Click Edit if not already in edit mode.
-
Click New, which adds a new row to the table Role Assignments table.
-
In the SAML Attribute Name column, use the dropdown to select an existing attribute name or click ”+” to add a new one. Make sure the values correspond to the groups defined in your Identity Provider.
-
In the SAML Attribute Value column, use the dropdown to select an existing attribute value or click ”+” to add a new one. Make sure the values correspond to the groups defined in your Identity Provider.
-
In the Aembit Roles column, use the dropdown to select one or more Aembit roles.
-
If needed, repeat the previous four steps.
-
Click Save.