How To Manage User Provisioning with SAML Integration

In version 5.7 of Kanbanize, we introduced SAML 2.0 Single Sign-On integration. This is a great way for companies to centralize user management. However, this raises a sensible question – what happens with user provisioning in Kanbanize when you integrate the platform with your Identity Provider? SAML integration effectively outsources part of the user provisioning to your IdP. Unfortunately, the SAML protocol does not cover user provisioning explicitly so you still need to do some user management in Kanbanize, too. Here is what you need to know:

How to add NEW users to Kanbanize:

  • You give your users access to Kanbanize by provisioning them to use the app in your IdP
  • When users log in for the first time an account is automatically created for them. Initially, they will not be assigned to any boards. Kanbanize administrator should assign them to the appropriate ones.

How SAML integration affects EXISTING Kanbanize users:

  • If a user has had an account in Kanbanize before the SAML integration and uses the same email in your IdP, their accounts will be automatically mapped. This means that the user will now log in through the IdP but will continue to use the same account in Kanbanize.

How to DELETE users from Kanbanize:

  • When a user no longer should have access to Kanbanize the administrator removes him/her from the app access list in the IdP. However, while not being able to login anymore, this user will continue to have an account in Kanbanize which will take up one user license. If this user is not expected to use Kanbanize in the future the administrator can delete the account from Kanbanize and thus free the user license.

That’s it!

Now, check out our dedicated article on setting up SAML Single Sign-On for your account.

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *