When a user is created manually in the VidyoPortal, there is a specific set of attributes required to create an account. The following list of Portal Attributes can be mapped based on SAML IdP Attributes in order to create accounts automatically.

When you provision users with SAML, user data is read-only in the system from the Admin Portal > Users > Manage Users > Edit User pop-up.


The following list explains VidyoPortal attributes (Portal Attribute Names) that can be mapped to SAML Attribute Names. Default Values for the attributes and Value mapping selection criteria (where applicable) are also explained here.

  • User Name is the name of this specific SAML attribute in the VidyoPortal.
    • In the SAML IdP Attribute Name field, enter a name you have decided as being the attribute you want to associate the User Name within your existing SAML schema.

    • No Default Value is entered for User Name.

      Default Value may not be configured because this is a mandatory, unique attribute.

       

    • No Value mapping configurations are made for the User Name.

  • User Type is the name of this specific SAML attribute in the VidyoPortal.
    • Enter a value to map to the User Type in the IdP Attribute Name field.

    • The Default Value you enter here is used as the default User Type when the IdP Attribute Name does not exist or returns an invalid attribute value or no Value mapping criteria is met.
      You can select from Normal or Executive options.

    • The Value mapping is used to make specific associations between exact Portal Attribute Values and IdP Attribute Values based on the IdP Attribute Name selected for your User Type.
      Different users return different IdP Attribute Values. The Attribute Values Mapping pop-up allows you to map specific associations for all possible values returned.

      If desired, select the Duplicate or Remove buttons to create or delete rows in the Attribute Values Mapping pop-up.

      The following screenshot shows the Attribute Value Mapping pop-up.



      In order to create these Portal User Type mapping associations, Vidyo recommends your IdP administrator creates specific security groups on your SAML server in advance.

 

  • Display Name is the name of this specific SAML attribute in the VidyoPortal.
    • In the SAML IdP Attribute Name field, enter a name you have decided as being the attribute you want to associate the User Name within your existing SAML schema.

    • In the Default Value field, enter a value for the Display Name for use when a value is somehow missing for any reason.

      If you do not type a Default Value for the Display Name in this cell, the system uses the User Name as the default.

       

    • No Value mapping configurations are made for the Display Name.

  • E-Mail Address is the name of this specific SAML attribute in the VidyoPortal.
    • In the SAML IdP Attribute Name field, enter a name you have decided as being the attribute you want to associate the E-Mail Address within your existing SAML schema. When a user logs in to the User portal, the system validates whether or not the SAML IdP Attribute Name value is actually an email address. If it’s not an email address, the system uses the Default Value.

    • The Default Value you enter here is the domain portion of the automatically created email address for the account. When a user logs in to the User or Admin portal and an invalid email address is provided as the SAML IdP Attribute Name, the system constructs an email address for the account by taking the User Name provided, combining it with what you type as the Default Value, and inserts an @ symbol in between them.

      For example, if you log in as jsmith and your Default Value is Vidyo.com, the system will automatically construct an email address of jsmith@vidyo.com.

    • No Value mapping configurations are made for the E-Mail Address.

 

  • Extension is the name of this specific SAML attribute in the VidyoPortal.
    • In the SAML IdP Attribute Name field, enter a value you have decided as being the attribute you want to associate the Extension within your existing SAML schema.

    • No Default Value is entered for User Name. When a user logs in to the User or Admin portal and an empty or invalid SAML IdP Attribute Name is retrieved from your SAML server, the system randomly auto-generates an extension value for the new account.

      If you do not wish to map extensions for new accounts, leave the SAML IdP Attribute Name blank and the system will use the Default Value to randomly auto-generate extension values for new accounts.

       

    • No Value mapping configurations are made for the Extension.

  • Group is the name of this specific attribute in the VidyoPortal.
    • In the SAML IdP Attribute Name field, enter a name you have decided as being the attribute you want to associate the Group within your existing SAML schema.

    • If the SAML IdP Attribute Name does not exist or returns an invalid attribute value or no Value mapping criteria is met, the value you specify here is used as the default User Type. The VidyoPortal tenant used in this example has Groups configured as Default, PanoRoom – 2M, etc. values, from which you can select. Map these groups using the Attribute Value Mapping pop-up.



    • The Value Mapping is used to make specific associations between exact Portal Attribute Values and SAML IdP Attribute Values based on the SAML IdP Attribute Name selected for your User Type.

      Different users return different SAML IdP Attribute Values. The Attribute Values Mapping pop-up allows you to map specific associations for all possible values returned.

      Click the Duplicate and Remove buttons to create or delete rows in the Attribute Values Mapping pop-up if desired.



      For example, using the screenshot shown here, you can see that when a user is a member of the Default group and logs in to the User or Admin portal, the account is created with the Default Group.

  • Proxy is the name of this specific IdP attribute in the VidyoPortal.
    • In the IdP Attribute Name field, enter a value to map to the Proxy in your IdP schema.
      Many users choose to enter memberOf as the IdP Attribute Name. The memberOf value returns a list of groups of which the particular user is a member. This list is then used for Value mapping selection criteria.

    • The Default Value you enter here is used as the default Proxy when the IdP Attribute Name does not exist or returns an invalid attribute value or no Value mapping criteria is met.

      The VidyoPortal tenant used in this example has Proxies configured as nj2-al-vvr1, il2-al-vvr1, etc. from which you can select. Map these groups using the Attribute Value Mapping pop-up.



    • The Value mapping is used to make specific associations between exact Portal Attribute Values and IdP Attribute Values based on the IdP Attribute Name selected for your proxy.

      Different users return different IdP Attribute Values. The Attribute Values Mapping pop-up allows you to map specific associations for all possible values returned.

      Click the Duplicate and Remove buttons to create or delete rows in the Attribute Values Mapping pop-up if desired.

      The following screenshot shows the Attribute Values Mapping pop-up.



  • Location Tag is the name of this specific IdP attribute in the VidyoPortal.
    • In the IdP Attribute Name field, enter a value to map to the Location Tag in your IdP schema.

    • The Default Value you enter here is used as the default Location Tag when the IdP Attribute Name does not exist or returns an invalid attribute value or no Value mapping criteria is met.

      The VidyoPortal tenant used in this example has Location Tags configured as Default from which you can select.



    • The Value mapping is used to make specific associations between exact Portal Attribute Values and IdP Attribute Values based on the IdP Attribute Name selected for your location tag.

      Different users return different IdP Attribute Values. The Attribute Values Mapping pop-up allows you to map specific associations for all possible values returned.

      Click the Duplicate and Remove buttons to create or delete rows in the Attribute Values Mapping pop-up if desired.

      The following screenshot shows the Attribute Values Mapping pop-up.



  • Description is the name of this specific IdP attribute in the VidyoPortal.
    • In the IdP Attribute Name field, enter a value to map the Description in your IdP schema.

    • The Default Value you enter here is used as the default Description when the IdP Attribute Name does not exist or returns an invalid attribute value or no Value mapping criteria is met.

    • No Value mapping configurations are made for the Description.

  • The following attributes are optional biographical information about the user. Therefore, default values are not set for these attributes:
    • Phone Number 1
    • Phone Number 2
    • Phone Number 3
    • Department
    • Title
    • IM
    • Location

  • Thumbnail Photo is the name of this specific LDAP attribute in the VidyoPortal.
    • The Thumbnail Photo must be a .png, .jpg, or jpeg and smaller than the maxium size that the Super Admin configures in Settings > Feature Settings > User Attributes within the Super Admin Portal.

      For more information, see Configuring user attributes.

    • No Default Value is entered for Thumbnail Photo.

    • No Value mapping configurations are made for Thumbnail Photo.

Was this article helpful?
0 out of 0 found this helpful

0 Comments

Follow
Please sign in to leave a comment.