Hi Experts,
One of our customers have the authentication set up to allow both FSM and OIDC. The app param
FSM_AUTHENTICATION_METHODS is set to OIDC, FSM.
The users belonging to their organization login with SSO whereas subcontractors login with username and password (fsm auth). Recently they ran into the issue of the mobile not synching with the server when the password was expired for the person , despite the user (belonging to the same organization in this case) having logged in successfully via SSO.
So the query was raised whether it’s possible to disregard the password expiry for the users who have SSO enabled. Or whether it was possible to enable only SSO on a user by user basis (i.e not even show the fsm login option). I couldn’t find a way to configure the above, and hence would appreciate if any of you could shed some light on this.
Configure OIDC or FSM authentication on a user by user basis
Userlevel 6
+23
Hi Miraj.
although it is possible to enable SSO only on specific person records the FSM_AUTHENTICATION_METHODS is a global app param, meaning it applies to the whole system. The only way to remove the FSM standard authentication login is by setting the app param to “OIDC” but then your none SSO Users can’t login anymore.
I’m not aware of a way to disable the password expiry check for SSO Users and I believe this is something that would require code modification but maybe someone else can comment on that as well.
Best regards
Roman
Reply
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.