Mappings
Last updated
Last updated
In the 'OAuth/2' - 'Mappings' section of the Thinfinity® Configuration Manager's 'Authentication' tab, you will link your OAuth/2 users to Active Directory users or groups. In this way, you tell Thinfinity® Workspace that users that authenticate with certain OAuth/2 user are to be shown certain profiles, the profiles that are available for the Active Directory user(s)/group(s) you selected to link them with. That is, to complete this process you have to link the Active Directory user(s)/group in this tab to the Active Directory user(s)/group of the profile you want to enable for a certain OAuth/2 user.
The 'Mappings' tab can be organized in two different ways. By pressing the 'Switch base' button, you select whether you prefer to see a list of Remote Usernames above, that you will map with the Associated User(s)/Group(s) Access below, or a list of Associated User(s)/Group(s) Access that you will map with the Remote Username list below. This doesn't change the way it works, only the way it is shown. You might want to think that a certain remote username has several Active Directory groups it's associated with and thus choose to see the remote users above, or you might prefer to see, for example, a list of Active Directory users and link each of them with several remote users. You can try, and even go back and forth as you add users and decide which way works best for you. Switching the base doesn't change the users and their mapping.
OPTION | DESCRIPTION |
Switch Base | Press to change the order in which the 'Authentication ID Mask and the 'Associated Permissions' boxes will be shown. This doesn't affect the configuration, only the view. |
Authentication ID Mask | List of the remote users. Add: Add a new remote user (SSO). If the 'Authentication ID Mask' box is above the the Associated Permissions box, you will then need to select it and add an Associated Permission to it. Otherwise, if the 'Authentication ID Mask' box is below the 'Associated Permissions' box, the remote user added will be mapped with the Active Directory User selected in the box above. Remove: Select a user and click on the 'Remove' button to take out this remote user from the SSO authentication control, when the 'Authentication ID Mask' box is above the Associated User/Group Access box. This will also remove the mappings. If the 'Authentication ID Mask' box is below the 'Associated Permissions' box, you will instead remove the user from the mapping with the Active Directory user/group selected above. Enabled: Select an user on the list and uncheck the 'Enabled' field if you want to disable the access of this specific remote user. |
Associated Permissions | List of Active Directory Users and Groups. Add: If the 'Associated Permissions' box is above, adds a user to later on select and associate with a remote user. If the Associated Permissions box is below the 'Authentication ID Mask' box, maps this user to the selected remote user above. Remove: If the 'Associated Permissions' box is above, it deletes this user and their mappings from the mapping tab. If the 'Associated Permissions' box is below the 'Authentication ID Mask' box, it disassociates this Active Directory user from the remote user selected above. |
In the credentials tab, you will find the following options:
OPTION | DESCRIPTION |
Username | Stores a valid Windows Username. Used when using an External Authentication and profiles with "Use the Authenticated Credentials" option. |
Password | Stores a valid Windows Username's password. Used when using an External Authentication and profiles with "Use the Authenticated Credentials" option. |
Test | Verifies the stored credentials. |
Remove | Removes the stored credentials. |
Always remember to press "Apply" in order to save the changes.