How To
Summary
Inviting users to an IBM Security SOAR organization enabled for SAML
Steps
By default, when users are invited to an organization, they are sent a link that requires them to enter their details and a password. You can change this behavior for SAML enabled organizations by using the following command:
sudo resutil configset -key invitation_fed:example.com -svalue resilient
This indicates that invitations sent to @example.com includes the SAML URL (that is, https://example.com/saml2/resilient) in the email body field for the SAML federation alias, "resilient."
It assumes that users have example.com email domains and that your SAML federation alias is “resilient”.
NOTE: The email domain name must match exactly. If emails do not match exactly, users receive a link that requires them to enter their details and a password.
If you want a SAML federation to apply for all email addresses, you can use this command:
sudo resutil configset -key invitation_fed -svalue resilient
This serves as the default. You can still override it for specific email addresses by using the invitation_fed:example.com format.
If you need to know what alias you are using, run this command:
sudo resutil samlshow
If you need to remove the setting and return to sending a link that requires them to enter their details and a password, run this command:
sudo resutil configset -key invitation_fed -delete
Document Location
Worldwide
Was this topic helpful?
Document Information
Modified date:
17 February 2022
UID
ibm11161130