Hi Team,
We are planning to migrate our authentication system from ADFS SSO to Azure SSO. Currently, our IDP component uses the username for user verification. As part of this migration, we are required to switch the verification method to use the email ID instead.
I would like to know if there is a provision available to modify the verification properties accordingly.
Could you please guide us on how to proceed with this change?
Hi @selva maninUse can use this steps
1. Configure Azure AD to send email as NameID
2. Modify OutSystems IdP logic to extract email
3. Ensure user matching logic uses email instead of username 4. Confirm email uniqueness in your Users table5. Then you can check it
Thanks
Hi @Ankit Sheshkumar Shukla
Could you please guide us on how to modify the OutSystems IdP logic to extract the user's email address? If possible, sharing an OML file with the required logic would be extremely helpful for us.
Thank you in advance for your support.
Regards,
Selvamani Nataraj
Hello Selva,
Since you are switching users identity from username to email there is some ground work needed before proceeding to establish the new authentication mechanism:
1. Do all the user accounts have email addresses? If not, you need to figure out mechanism to get them from users.
2. Are all the email addresses on the accounts unique? Since email addresses are going to act as a unique identify for a user, you need to ensure that each user has a unique email addresses.
3. Are all the email addresses valid? At times user accounts are created with dummy email addresses. Before treating the provided email address as an identity you need to confirm the email address with user as well as validate them through some verification mechanism.
Hope it helps!
Junaid
Hi @Junaid Syed ,
We have valid and unique email addresses for all customers, and these are stored in the User table.