Federated User Properties
This topic describes the various configuration tabs available in the federated user properties. Every federated user has a set of extended user properties that can be set either when the user is first added to the system, or deferred until a later date. (During initial entry, only a minimal amount of user data is required, to facilitate rapid entry of many users.)
gateway83
This topic describes the various configuration tabs available in the federated user properties. Every federated user has a set of extended user properties that can be set either when the user is first added to the system, or deferred until a later date. (During initial entry, only a minimal amount of user data is required, to facilitate rapid entry of many users.)
To access the properties for a federated user
:- Do one of the following:
- Create a new federated user, making sure to select theDefine Additional Propertiescheck box.
- Edit an existing federated user.
- Locate the group by searching the identity provider.
- Configure each tab within the properties as necessary. All information is optional. Refer to the appropriate section below for a complete description of each tab.
- Click [OK] when done.
Configuring the [General] Tab
This tab is used to enter the user's full name, as well as enter or modify any of the fields entered in the basic properties (see Create a Federated User).
- First Name: Enter the user's first name.
- Last Name: Enter the user's last name.
Configuring the [Membership] Tab
The [Membership] tab displays the federated groups to which the user belongs.
- Click [Add]. A list of federated groups is displayed.
- Select one or more groups that the user belongs to.If the group you want isn't in the list, define it first using the steps under Add a New Federated Group.
- Click [Add]. The user is added to the group.
- If you need to remove a user from a group, select the group and then click [Remove].
Configuring the [Certificate] Tab
The [Certificate] tab is used to manage the certificate for the user.
- To import a certificate for the user, click [Import] and then complete the Add Certificate Wizard.
- To export a certificate, click [Export] and then specify a file name and location.
- To remove a certificate, click [Remove] and then click [OK] to confirm. Removing a certificate removes both the certificate and the user's password.It is only necessary to import client certificates for federated users when the Federated Identity Provider (FIP) is configured with no trusted CA certificates. When the FIP is configured with one or more CA certificates, then federated users can be successfully authorized based only on the attributes entered in the Create Federated User dialog, as long as the certificate presented along with their request was signed by one of the CAs whose certificates are trusted by the FIP. For more information on the different X.509 certificate credential source scenarios, see Workflow Using an X.509 Certificate.