Custom properties on Organization not editable by admins

Hi,

I have added some custom attributes to the Organization managed object in ID Cloud so that I can associate SAML2 IdPs with certain orgs. I’d ideally like these attributes to be editable by the Owner or Admins of the org, but no matter what settings I select for the custom properties they do not show up in the UI for owners or admins. Is this a limitation of ID Cloud or am I missing a setting somewhere?

Cheers,

Neil

Hi Neil

I suspect it may be about one of the properties in the screenshot.

On a side note, how are you planning to associate the SAML IDPs to the orgs?

Are you doing it through authorization policies and scripts?

We had a similar requirement recently where we implemented it through authorization policies and scripts. But just curious if there is an alternative approach as well.

It doesn’t seem that any of those settings make the custom properties editable by org admins. I guess we would need to submit an RFE for that, but I think we can live with it now.

There is a one-to-one mapping from orgs to IdPs, so we just have a custom attribute on the org that lists the SAML entity ID of the IdP. Then in the login journey (integrated SSO), we look up the org that the user is a member of (fr-idm-managed-user-memberoforgid), load the custom attributes via the openidm binding, and then use a Configuration Provider Node to configure a SAML Node based on that.
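
The org-to-IdP lookup described in the last post, sketched as an added example that is not code from the thread or from the product. It assumes a managed object path `managed/alpha_organization`, a hypothetical custom attribute `custom_samlIdpEntityId`, a hypothetical allowlist of entity IDs, and a SAML node property named `idpEntityId`; the `openidm` binding is replaced by a constructed stub so the logic runs outside the platform.

```javascript
// Assumed names (not from the thread): ORG_PATH, IDP_ATTR, and the
// "idpEntityId" key of the returned node configuration.
const ORG_PATH = "managed/alpha_organization/";
const IDP_ATTR = "custom_samlIdpEntityId";

// Resolve the one IdP for a user's org; every unexpected case fails closed
// so the journey never falls through to a default or attacker-chosen IdP.
function resolveIdpConfig(openidm, memberOfOrgIds, trustedEntityIds) {
  // The design is one org -> one IdP, so zero or several orgs is ambiguous.
  if (!Array.isArray(memberOfOrgIds) || memberOfOrgIds.length !== 1) {
    return { ok: false, reason: "user must belong to exactly one org" };
  }
  const orgId = memberOfOrgIds[0];
  // The ID becomes part of a resource path: reject separators and dots.
  if (typeof orgId !== "string" || !/^[A-Za-z0-9-]+$/.test(orgId)) {
    return { ok: false, reason: "malformed org id" };
  }
  // Request only the one field needed from the org object.
  const org = openidm.read(ORG_PATH + orgId, null, [IDP_ATTR]);
  const entityId = org ? org[IDP_ATTR] : null;
  if (typeof entityId !== "string" || entityId.length === 0) {
    return { ok: false, reason: "org has no IdP configured" };
  }
  // The attribute is data someone can edit; only accept entity IDs that
  // are already known remote IdPs for this realm.
  if (!trustedEntityIds.includes(entityId)) {
    return { ok: false, reason: "IdP not in trusted list" };
  }
  return { ok: true, config: { idpEntityId: entityId } };
}

// Constructed sample data and a stand-in for the openidm binding.
const sampleOrgs = {
  "managed/alpha_organization/org-1": {
    custom_samlIdpEntityId: "https://idp.example.com/saml",
  },
  "managed/alpha_organization/org-2": {},
  "managed/alpha_organization/org-3": {
    custom_samlIdpEntityId: "https://unknown.example.net/saml",
  },
};
const fakeOpenidm = { read: (path) => sampleOrgs[path] || null };
const trusted = ["https://idp.example.com/saml"];

console.log(resolveIdpConfig(fakeOpenidm, ["org-1"], trusted));
console.log(resolveIdpConfig(fakeOpenidm, ["org-3"], trusted));
```

If org admins are ever allowed to edit this attribute, the allowlist check is what keeps an edited value from redirecting that org's logins to an unregistered IdP.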