|
|
|
|
The release includes SAML SSO authentication and Just-in-Time user provisioning as well as incremental enhancements and fixes. See the topics below for a summary of all enhancements and fixes in this release.
SAML Single Sign-On (SSO) Authentication
Identity Providers (IdPs) supporting SAML 2.0 SSO can now be used to authenticate users. Your IdP details can be configured in the Admin module, and SAML SSO authentication can be enabled on a user by user basis for Employees and Portal users. For this release, we have tested and documented usage with ADFS and Okta. Other IdPs will be tested and documented going forward, but feel free to try this new feature with your favorite IdP (mileage may vary). For configuration details, see the help guides for ADFS and Okta.
Just-in-Time (JIT) User Provisioning
With this release we are launching Just-in-Time (JIT) user provisioning which works in conjunction with SAML 2.0 SSO authentication. As new users are authenticated via SAML SSO, BMS users will be automatically created. Mapping rules allow you create Employee users or Client Access Portal users based on the domain and security Group information provided by your IdP via SAML. The rules allow portal users to be mapped to different client accounts based on their domain. For example: Do you have end-users defined in ADFS that you would like to onboard to the Client Access Portal? Just configure SAML SSO and JIT provisioning, distribute a link to the login page with instructions to login using their AD credentials. For configuration details, see the help guides for ADFS and Okta.
Enhancements
This release adds the following enhancements:
Bug Fixes