Currently, there is no SSO validation when adding new users that is not existing already rom the GE SSO Staging IDP list.
Problem 1: When an SSO doesn’t exist, user can manually type the information in leading to:
- Incorrect data getting put in
- And if SSO is typed in wrong, the only way for that user to log in would be typing in an incorrect SSO
- When adding new users, valid SSO should auto populate the user details. But if not available in the address book…there should be a way to validate the email/SSO.
- Need to also have a way to ensure that special characters can be added for names (O’hare, Ann-Marie, etc)
Problem 2: Users with no SSO added to Prod:
- Currently, we are able to add users without SSO’s as depicted in the image below:
- Additionally, analytics.user.powermndanalytics.user.powermnd in the Prod environment with no permission set or group.
- Need to validate proper SSO format before allowing users to add.
Proposed Solution / Idea: Need this workflow to verify the SSO and option to attain SSO if no SSO (Attach Nancy’s email in description)
- Sign up : This step will request users for their SSO, first name, last name, modules they need access to and submit it as a request to us via a service now case. This will get assigned to my team assignment group and we will work the request.
- Once registered/added to APM, the case will be resolved and an email sent to the user with the access link and steps to login. This will also provide them with the service now link to open cases in case they have any questions about the tool.
- This feature is already implemented by tools like MyFleet.
Use Case: Currently, the M&D admin is facing a flood of email requests from people requesting access to pre-prod which the admin has to go into the Admin module to manually add each person. The process is also not validated enough to prevent user errors and takes too long to do.