Web Login User Mapping
When using web login with an OpenID Connect (OIDC) or SAML 2.0 identity provider, we need a way to connect the users in the identity provider to the users in GENESIS security. The **Find existing users by** setting defines how to match these users.
When you log in to the external identity provider, a token with a claim is sent to GENESIS. The claim contains identifying information about the user, and the **Find existing users by** setting tells GENESIS which field of the GENESIS user must match the claim.
The possible values for **Find existing users by** are:
| Name | Description |
|---|---|
| Display Name | The name of the GENESIS security user. |
| Unique Name (Active Directory GUID) | The GUID of the Active Directory or Entra ID user. This only applies when using security modes of Active Directory or Entra ID. |
| Active Directory SID (Security ID) | The Active Directory security ID of the user. This only applies when using Active Directory security mode or when using Entra ID mode and synchronizing with an on-premise Active Directory. |
| User Lookup Identifier | The User Lookup Identifier field of the GENESIS security user. This field can be used to store any text to identify the user, such as an email address. |
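The claim-to-field matching described above can be modelled as follows. This is an added illustration, not GENESIS code: the `User` field names, the sample users, and the choice to refuse empty or ambiguous matches are assumptions of the sketch.

```python
from dataclasses import dataclass
from typing import Optional

# Field names are assumptions for illustration, not the GENESIS schema.
@dataclass(frozen=True)
class User:
    display_name: str
    unique_name: Optional[str]        # Active Directory / Entra ID GUID
    sid: Optional[str]                # Active Directory security ID
    lookup_identifier: Optional[str]  # free text, e.g. an email address

# Each "Find existing users by" value selects the field compared with the claim.
MATCH_FIELD = {
    "Display Name": "display_name",
    "Unique Name (Active Directory GUID)": "unique_name",
    "Active Directory SID (Security ID)": "sid",
    "User Lookup Identifier": "lookup_identifier",
}

# Constructed sample users: two share a display name, one has no directory IDs.
USERS = [
    User("Alex Smith", "11111111-1111-1111-1111-111111111111",
         "S-1-5-21-1-2-3-1001", "alex.smith@example.com"),
    User("Alex Smith", "22222222-2222-2222-2222-222222222222",
         "S-1-5-21-1-2-3-1002", "a.smith@example.com"),
    User("Operator1", None, None, None),
]

def find_existing_user(claim_value, find_by, users=USERS):
    """Return the single user whose selected field equals the claim, else None."""
    field = MATCH_FIELD[find_by]  # KeyError for an unknown setting value
    if not claim_value:
        return None  # an empty claim must never match an unset field
    matches = [u for u in users if getattr(u, field) == claim_value]
    # Assumption of this sketch: an ambiguous match is refused rather than
    # resolved by picking the first hit.
    return matches[0] if len(matches) == 1 else None
```

In this model a claim carrying a display name shared by two users resolves to nobody, while the GUID, SID, or lookup identifier selects exactly one account.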