About this article
This article contains questions and answers covering the functionality of Authentication into and User Management within Templafy.
- Can an email address be changed in Active Directory and updated in Templafy?
- Does Templafy support soft-deletion in Active Directory?
- Does enabling SCIM delete users that have been removed from Active Directory?
- How can I provision and onboard users?
- How can I deprovision and offboard users?
- Why does Templafy Desktop send MFA Prompts at Midnight?
- What is the Difference Between OpenID Connect and SAML2 Authentication?
- Can User Profiles be Automatically Updated with AD Claims?
Can an email address be changed in Active Directory and updated in Templafy?
No. Email address is a unique identifier in Templafy. If the email address of an existing user is changed, a new user will be created. The old user must then be deleted manually from Templafy.
Does Templafy support soft-deletion in Active Directory?
No. If SCIM is enabled and a user is soft-deleted in Active Directory, the user will be hard deleted by Templafy.
Does enabling SCIM delete users that have been removed from Active Directory?
If a user has been removed from Active Directory before SCIM was enabled, the user has to be manually deleted in Templafy. However, if SCIM syncs to Templafy at least once before the user is removed from Active Directory, the user will be automatically deprovisioned in Templafy.
|
How can I provision and onboard users?
Users are provisioned and onboarded depending on the authentication method used and the setup of the User Profile. The diagram below shows the user interaction required for every scenario.
|
How can I deprovision and offboard users?
Deleting a user from Active Directory or revoking their access to the Templafy application will deprovision a user from Templafy. If SCIM is enabled, the user will be automatically deleted from Templafy on the next run (every 40 minutes). If SCIM is not enabled, the user must be deleted manually from the Templafy tenant.
Why does Templafy Desktop send MFA Prompts at Midnight?
What is the Difference Between OpenID Connect and SAML2 Authentication?
Attribute |
OpenID Connect |
SAML2 |
Custom Claims |
❌ Only the standard set of claims are supported (mappings are pre-configured and cannot be edited) |
✅ 15 additional claims may be configured |
Group Claims |
Capped at 999 |
Capped at 149 |
Multi-Factor Authentication with Duo Security |
❌ |
✅ |
Permissions through app |
|
N/A |
Reference:
Can User Profiles be Automatically Updated with AD Claims?
|
Comments
0 comments
Article is closed for comments.