By: Nisha Nisha user 02 Sep 2021 at 3:19 p.m. CDT

1 Response

Hi Everyone , Am very new to Gluu . How do i give access to user for specific application . I have integrated salefores and other few SAML apps . I was wondering how to group users and provide access to particular application . Thanks

Gluu 4.2.3 Ubuntu 14.0

closed

By Mohib Zico staff 25 Oct 2021 at 9:28 a.m. CDT

Copy

Restricting access is called Authorization. Authorization is actually not great in SAML flow ( it's best in OpenID Connect with the combination of User Managed Access ( UMA ). However there are couple of way you can implement Authorization in SAML. - With SAML attribute. Say, you have two applications. Salesforce and Google Workplace. To implement authorization, you can have two "special custom attribute" for these two apps. Whenever user will login to Google, IDP will send that special attribute to SP ( Google in this case ) and if that attribute is missing.... Login to that app ( Google ) won't happen. - Implement 2FA ( two factor authentication ) for specific SP, say Salesforce. User who will use Salesforce must use 2FA like SuperGluu. If 2FA not available, that user / user group won't be able to log into Salesforce.

You need to Login in order to post an answer

Application access

By: Nisha Nisha user 02 Sep 2021 at 3:19 p.m. CDT

Answers

By Mohib Zico staff 25 Oct 2021 at 9:28 a.m. CDT

Post an answer