wso2 / docs-apim

Doc Feedback: JIT provisioning with IDP #3358

Open harshanL opened 3 years ago

harshanL commented 3 years ago

Location : https://apim.docs.wso2.com/en/latest/develop/extending-api-manager/saml2-sso/configuring-identity-server-as-idp-for-sso/

Hi team,

Shall we create a generic page for 3rd party IDP configurations and add the below configuration into that, as it is essential for any IDP? We may add such a page for all the APIM versions where this config is applicable.

```toml
[authentication.framework.extensions]
provisioning_handler = "org.wso2.carbon.identity.application.authentication.framework.handler.provisioning.impl.SystemRolesRetainedProvisionHandler"
```

Thanks, Harshan

Mariangela commented 3 years ago

@tharindu1st, please share your views.

tharindu1st commented 3 years ago

@bhathiya @praminda As far as I believe, this configuration needs to be put by any user who is using federation. Shall we put this into the product config as default?

Thanks

bhathiya commented 3 years ago

+1. I hope it won't affect other non-fed flows.

praminda commented 3 years ago

With the default handler we delete all Internal/*, Application/*, Workflow/* roles. With this handler we protect Application/*, Workflow/* roles from deletion during provisioning. So making it the default shouldn't adversely affect other flows. This should be the default handler for APIM. The current default one is only suitable for IS.