Common SSO Options
'
Edit the main configuration file conf/config.yml to fine tune behaviour of the application when using any SSO providers.
| Configuration Key (commonSSOOptions →) | Description | Example Value | Default Value |
|---|---|---|---|
| disableFormLogin | Controls if users are still allowed to login directly into the application with an username and password combination *Available since 3.0.0 | true | false |
| autoCreateUsers | Controls if the SSO access also creates the user in the application. Disabling this will prevent the login of any non-existing user that isn\'t already in the application. *Available since 3.0.0 | false | true |
| autoCreatedUsersDisabled | Controls if the users created by the SSO access are created in an enabled or disabled state. It has an effect only if autoCreateUsers is set to true. The administrator can manually enable such users in the user management in the application. *Available since 3.0.0 | true | false |
| autoCreatedUserType | Sets the user type for automatically created SSO users. Possible values are: reader, analyst, simulator, modeler or unrestricted. The number of users per type is limited by the license. A user type does not grant any access rights or roles, but only limits the possible access rights or roles a user can be given. *Available since 3.5.0 | analyst | unrestricted |
| ssoLogoutUrl | The URL that the application redirects to, after the user clicks the logout button. Preferably it is set to the SSO\'s logout endpoint, so that the user is logged from the application and the SSO system. *Available since 3.1.0 | https://samlserver.company.com/logout | n/a (application\'s log in page) |
| mandatoryGroupName | Use this flag if all users need to belong to the same group, provided by the SSO. This setting has no effect if the synchronization is not enabled in the specific SSO configuration. If the SSO provider does not return the mandatory group for the user, the user cannot login. *Available since 5.6.5 & 5.7.1 | groupName | n/a |
'