ODC user profile matching for external IdPs
Managing user access and security is now more flexible. When configuring external Identity Providers (IdPs), you have new expanded options for how ODC matches external users to ODC user profiles.
ODC first attempts to match based on the subject claim. If no match is found, you can now configure a fallback strategy: match by email, username, or disable fallback matching entirely.
Additionally, the new “Auto-create users on login” toggle streamlines provisioning. You can disable this to prevent the automatic creation of new users, ensuring that only users you have explicitly pre-authorized can access your tenant. This update is essential for supporting complex migration scenarios, such as moving from O11 to ODC, and for maintaining stricter security governance.
Email verification and profile matching for external identity providers- ODC
- Security
