Onit Documentation

Passing in Custom SAML Attributes - Configuring a FusionAuth Connection

by [email protected] Updated on

You can now pass custom SAML attributes into Onit when a user logs in. This is a great way to keep information about users in sync with your own IT systems.

This feature requires an integration with a third party system called FusionAuth to help facilitate the passing of SAML attributes.

A FusionAuth Integration is similar to a standard SSO IDP integration. However, instead of Onit connecting directly to the IDP, FusionAuth will be configured to connect to the IDP and Onit will connect with FusionAuth.

Enablement of this feature will require some steps by Onit resources within FusionAuth itself. Below we'll cover the configuration steps that are taken within the OnitX Platform.

1. Go to Security under Administration

Prior to this step, work will be done by Onit resources to get things setup in FusionAuth. Once that is configured we can then finish the setup within Onit.

Begin by going to the Security configuration page and selecting either "Single Sign On" or "Single Sign On and Password".

2. Check the 'Use Fusion Auth' checkbox.

When adding an IDP you'll see a new checkbox called "Use Fusion Auth". Enabling this checkbox will show additional fields needed for the Fusion Auth integration.

3. Fill out the FusionAuth fields and define the Custom SAML attributes.

Information for these fields will come from the setup that was done in Fusion Auth. A key field here is "Custom SAML attribute names". This is where you define the key names of custom SAML attributes that you expect to be passed in from the IDP. If a key name is not entered here then it will not be available in the following steps.

4. Go to the User Preferences Providers

Next we'll go to the User Preference Provider to pass the defined SAML attributes into our User Profile records.

5. Add the same Custom SAML Attribute Names from Security to the SAML Attribute section of a User Preferences Providers

At the bottom of the User Preference Provider you'll see a section titled "SAML Attributes". This section will allow you to map the attributes you defined above to fields on the User Profile app. 

6. New fields are updated per user anytime the user logs in via FusionAuth

Whenever a user signs in using the IDP configuration enabled by FusionAuth, the custom SAML attributes specified above will automatically update in their User Profile. Based on these updated attributes, you can then set up tailored workflows in Onit to suit your specific needs.

Previous Article ONIT Outlook Add-In 2.1 End User Guide
Next Article Using Badges to Enhance App Orchestration Visibility and Workflow

© 2024 Onit, Inc.

docs.onit.com contains proprietary and confidential information owned by Onit, Inc. that is subject to copyright. Onit presents it exclusively to you for your sole use in conjunction with using Onit products. No portion of the materials contained herein may be used for any other purpose. No portion of the materials contained herein may be shared with third parties or reproduced in any form.