Assigning Users to Teams Using SAML Attributes

You can automatically assign users to teams based on their SAML attributes.

Prerequisites

  • SAML SSO must be enabled. For more information, see Enabling a Custom SAML Identity Provider.
  • You are logged on with an SAML account that is assigned an administrative role in SAP Analytics Cloud.
  • Your custom SAML Identity Provider (IdP) is configured to return one or more SAML user attributes in the SAML assertions that are issued to authenticated SAML users.
  • The team you want to assign users to has been created.

Procedure

  1. Go to the Teams page of the Security area.
  2. Select the team you want to assign users to, and then select (Open SAML Team Mapping).
    Note
    When you create an SAML user mapping to a team, any existing members that do not match the mapping will be removed from the team.

    The Create SAML Mapping dialog appears.

  3. Choose an SAML Attribute, Condition and enter the Value that the attribute should correspond to.
    Note
    Value is case sensitive.
  4. Optional: Select (New Mapping Definition) to add multiple conditions.
    1. Choose the Conditions Logic to apply to the attributes.

      Select AND if you want all the conditions to be applied to users. Select OR if you want at least one of the conditions to be applied to users.

  5. Select Save.

Results

The SAML mapping is created. Users will be added to the team only after they have logged out and back into SAP Analytics Cloud. The SAML user mapping you created will appear in the Teams list.