You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: content/en/docs/appstore/use-content/platform-supported-content/modules/oidc.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -533,16 +533,16 @@ By default, users are provisioned by [Default User Provisioning Configuration](#
533
533
You can set up just-in-time user provisioning as follows:
534
534
535
535
1. Sign in to the running app with an administrator account.
536
-
2. Navigate to the `OIDC.OIDC_Client_Overview` page which is set up in the app navigation.
536
+
2. Navigate to the `OIDC.OIDC_Client_Overview` page, which is set up in the app navigation.
537
537
3. In the **IdPs for SSO and API security** tab, click **New** and access the **UserProvisioning** tab.
538
538
539
-
Below fields are available in the **UserProvisioning** tab for the User Provisioning configuration.
539
+
Fields below are available in the **UserProvisioning** tab for the User Provisioning configuration.
540
540
541
541
***Custom user Entity (extension of System.User)** – the Mendix entity where you will store and look up the user account. If you are using the [Administration module](https://marketplace.mendix.com/link/component/23513), this would be `Administration.Account`.
542
-
***The attribute where the user principal is stored** – unique identifier associated with an authenticated user.
542
+
***The attribute where the user principal is stored** – a unique identifier associated with an authenticated user.
543
543
***Allow the module to create users** – this enables the module to create users based on configurations of JIT user provisioning and attribute mapping. When disabled, it will still update existing users. However, for new users, it will display an exception message in the log.
544
544
* By default, the value is set to ***Yes***.
545
-
***User role** (optional) – the role which will be assigned to newly created users. This is optional and will be applied to all IdPs. You can select any user role as a default or keep the field empty. User Provisioning does not allow you to assign user roles dynamically. It can only set a default role. If you need additional user roles, use Access Token Parsing microflow to assign multiple roles. For more information, see the [Dynamic Assignment of Userroles (Access Token Parsing)](#access-token-parsing) section below.
545
+
***User role** (optional) – the role which will be assigned to newly created users. This is optional and will be applied to all IdPs. You can select any user role as a default or keep the field empty. User Provisioning does not allow you to assign user roles dynamically. It can only set a default role. If you need additional user roles, use the Access Token Parsing microflow to assign multiple roles. For more information, see the [Dynamic Assignment of Userroles (Access Token Parsing)](#access-token-parsing) section below.
546
546
* By default, the value is set to ***User***.
547
547
***User Type** – this allows you to configure end-users of your application as internal or external. It is created upon the creation of the user and updated each time the user logs in.
0 commit comments