Validating SAML claims for tenants - HxGN EAM - 12.1.1 - Feature Briefs - Hexagon

HxGN EAM Single Sign-On

Search by Category
Feature Briefs
HxGN EAM Version

ADFS may be configured to return SAML claims containing the names of tenants a given user is authorized to access. One reason to configure ADFS in this fashion is to allow some users to access a production but not a test database, others to access only a training environment, and so on.

The steps required to configure ADFS to support this feature are beyond the scope of this document and will not be discussed here.

To configure EAM to validate SAML claims for tenants:

  • ADFS must return a SAML claim such that

    • The name of the SAML claim is

    • The value of the SAML claim is the current tenant name (passed on the query string).

  • EAM install parameter VLENVCLM

    • By default, the value of this parameter is set to OFF.

    • To validate SAML claims for tenants set the value to ON