p2-inc / keycloak-orgs

Single realm, multi-tenancy for SaaS apps
https://phasetwo.io

One IDP to many orgs #113

Closed SangI762 closed 1 year ago

SangI762 commented 1 year ago

Good day. I have a use case where an organization wants to use the public (our pre-configured) IDP instead of a private one connected to its user federation. Let's say we're providing two public IDPs: Google and MS. The problem is that I can't assign one to many organizations, and I also can't duplicate the IDP per organization, because then I'll have a lot of redirect URLs on one OAuth client.

Any solutions for how to solve this case and keep the same behaviour based on the organization's domain?

I know that I can use multiple domains on an IDP and create mappers on the IDP which place the user in a certain group by email. It would be nice if it were possible to put a user under an organization in a similar way.

xgp commented 1 year ago

This extension does not support use of a single IdP for multiple tenants.

SangI762 commented 1 year ago

@xgp I do understand that, but is there any possible solution or advice here from your experience?

xgp commented 1 year ago

Yes. My experience tells me that you shouldn't use social providers for organization SSO. If you have a customer using GSuite, get them to set up SAML SSO. Don't try to use the social provider. Same with MS/Azure.
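The two options discussed above, as an added example that is not part of this issue or of the keycloak-orgs project: it models why duplicating one social provider per organization multiplies redirect URIs on a single OAuth client, and what a per-customer SAML identity provider looks like instead. The Keycloak base URL, realm name, organization list and customer IdP values are constructed sample data; the representation field names follow Keycloak's IdentityProviderRepresentation as seen in admin-console exports and should be checked against the Keycloak version in use. Linking an IdP to an organization through the keycloak-orgs extension itself is outside this example.

```python
"""
Added example (not the project's code): per-org IdP aliases, the broker
callback URL each alias produces, and a per-customer SAML IdP representation.
"""
import json
import re
from typing import Optional

BASE_URL = "https://auth.example.com"   # assumed Keycloak base URL (hypothetical)
REALM = "saas"                          # assumed realm name (hypothetical)

# Constructed sample organizations: primary email domain plus the customer's
# own SAML IdP details. All values are made up for this example.
ORGS = [
    {"domain": "acme.example",
     "idp_entity_id": "https://idp.acme.example/saml",
     "sso_url": "https://idp.acme.example/saml/sso",
     "signing_cert": "MIIC...acme..."},
    {"domain": "globex.example",
     "idp_entity_id": "https://login.globex.example/idp",
     "sso_url": "https://login.globex.example/idp/sso",
     "signing_cert": "MIIC...globex..."},
    {"domain": "initech.example",
     "idp_entity_id": "https://sso.initech.example",
     "sso_url": "https://sso.initech.example/saml2/sso",
     "signing_cert": "MIIC...initech..."},
]


def alias_for_org(domain: str, kind: str = "saml") -> str:
    """Derive a URL-safe Keycloak IdP alias from an organization domain."""
    return f"{kind}-" + re.sub(r"[^a-z0-9]+", "-", domain.lower()).strip("-")


def broker_endpoint(base_url: str, realm: str, alias: str) -> str:
    """Keycloak's broker callback for one IdP alias. For OIDC/social providers
    this is the redirect URI the provider must allow; for SAML it is the ACS URL
    the customer's IdP posts assertions to."""
    return f"{base_url}/realms/{realm}/broker/{alias}/endpoint"


def social_redirect_uris(base_url: str, realm: str, orgs, provider: str = "google"):
    """Option 1 from the question: duplicating one social provider per org.
    Every duplicate has its own alias and therefore its own callback, and all of
    them would have to be registered on the single Google/MS OAuth client."""
    return [broker_endpoint(base_url, realm, alias_for_org(o["domain"], provider))
            for o in orgs]


def saml_idp_representation(org) -> dict:
    """Option 2 from the answer: one SAML IdP per customer, configured against
    the customer's own IdP. Nothing is shared between organizations."""
    return {
        "alias": alias_for_org(org["domain"]),
        "displayName": f"SSO for {org['domain']}",
        "providerId": "saml",
        "enabled": True,
        "trustEmail": False,  # do not auto-trust the IdP-asserted email
        "config": {
            "idpEntityId": org["idp_entity_id"],
            "singleSignOnServiceUrl": org["sso_url"],
            "nameIDPolicyFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
            "validateSignature": "true",   # reject unsigned or forged assertions
            "signingCertificate": org["signing_cert"],
            "wantAuthnRequestsSigned": "true",
        },
    }


def provision_saml_idps(base_url: str, realm: str, orgs):
    """Return (representation, ACS URL to hand to the customer) per org."""
    out = []
    for org in orgs:
        rep = saml_idp_representation(org)
        out.append((rep, broker_endpoint(base_url, realm, rep["alias"])))
    return out


def create_idp_request(base_url: str, realm: str, token: str, rep: dict):
    """Build (not send) the admin REST call that creates an IdP instance."""
    url = f"{base_url}/admin/realms/{realm}/identity-provider/instances"
    headers = {"Authorization": f"Bearer {token}",
               "Content-Type": "application/json"}
    return "POST", url, headers, json.dumps(rep)


def route_by_email(email: str, orgs) -> Optional[str]:
    """The domain-based behaviour the asker wants to keep: pick the org's IdP
    alias from the email domain. A consumer domain such as gmail.com belongs to
    no organization, which is why a shared social IdP cannot identify the org."""
    if email.count("@") != 1:
        return None
    domain = email.rsplit("@", 1)[1].lower()
    for org in orgs:
        if org["domain"] == domain:
            return alias_for_org(org["domain"])
    return None


if __name__ == "__main__":
    print("Redirect URIs one Google client would need if duplicated per org:")
    for uri in social_redirect_uris(BASE_URL, REALM, ORGS):
        print("  ", uri)
    for rep, acs in provision_saml_idps(BASE_URL, REALM, ORGS):
        print(f"{rep['alias']}: customer registers ACS {acs}")
    print(route_by_email("alice@acme.example", ORGS), route_by_email("bob@gmail.com", ORGS))
```

Run it as a script to see the three callbacks a single shared OAuth client would have to list, against the per-customer ACS URLs where each customer registers only their own. Only `create_idp_request` touches the admin API, and it returns the request rather than sending it, so the script runs offline.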