You can use SAML to map user attributes from IdP to Webex identity attributes, and turn on just-in-time (JIT) auto account updates using SAML assertion.
Modify Single sign-on authentication in Control Hub
Before you begin
Ensure that the following preconditions are met:
-
SSO is already configured. For information on using the SSO configuration wizard, see the section "SSO Setup" here: https://help.webex.com/article/lfu88u/.
-
The domains have already been verified.
-
The domains are claimed and turned on. This feature ensures users from your domain are created and updated once each time they authenticate with your IdP.
-
If DirSync or AzureAD are enabled then SAML JIT create or update will not work.
-
"Block user profile update" is enabled. SAML Update Mapping is allowed because this configuration controls the user’s ability to edit the attributes. Admin-controlled methods of creation and update are still supported.
Newly created users won't automatically get assigned licenses unless the organization has an automatic license template set up. |
1 |
From the customer view in https://admin.webex.com, go to , scroll to Authentication and click Manage SSO and IdPs. |
2 |
Go to the Identity provider tab. |
3 |
Go to the IdP and click |
4 |
Select Edit SAML mapping. |
5 |
Configure Just-In-Time (JIT) settings. |
6 |
Configure SAML mapping. |