Articles in this section

How to use discriminator claims for SAML2 or OpenID Connect authentication methods

This article describes how you can further restrict access to Templafy, based on specific user attributes.

  Prerequisites

  • Admin/owner access to the Templafy tenant.
  • SAML2 or OpenIDConnect authentication method used.

Configuration

  1. Go to the Account tab in the left-side menu of the Admin Center.
  2. Go to the Authentication tab.
  3. Click Edit details for the Authentication method you want to edit.
  4. Scroll down and click to expand the Advanced options settings.
  5. Select one of the below discriminator claims in the Discriminator claim name dropdown:
    • city.
    • companyName.
    • country.
    • department.
    • groups.
    • state.
    • customClaim (up to 15 custom claims for SAML2 only).
  6. Fill in one or more discriminator value(s) - use a comma when you want to add multiple values.
  7. Click Save.

mceclip1.png

  Note

  • An admin/owner cannot edit their own authentication method except for the Login button name.
  • Only the claims available in the dropdowns can be used as discriminators.
  • Only one discriminator claim can be set, but more than one value can be added (the operator will be "OR", e.g., country = Germany OR Switzerland OR Austria).
  • Claims containing a comma are not supported.
  • Claims are updated upon renewal of the Refresh Token, which is valid for 24h regardless of the IdP.
  • If SCIM is in place, the creation and subsequent updates to claims will happen every 40mins.
sso setup hive admin_role
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.