To provide an alternative to using the Primary email field values to uniquely identify people who need to be granted access to 4me after an organization’s identity provider has sent a SAML request to 4me’s single sign-on functionality, a new field has been added to the Person form. This field is labeled ‘Authentication ID’.
The value in the Authentication ID field needs to be unique within the 4me account. If the person record is stored in a directory account or a support domain account, then the value must be unique within the entire directory structure.
Once the Authentication ID field has been populated in the person records, these field values can be used by 4me’s single sign-on functionality. This is done by selecting the option ‘Authentication ID’ in the Identifier field of the ‘Single Sign-On’ section of the Settings console.
When the option ‘Authentication ID’ is selected in the Identifier field, 4me will use the identifier that is provided in the SAML responses from the organization’s identity provider to find a match in the Authentication ID field of one of the organization’s person records.