Support Article
Query on passing UID parameters from Identity Provider to PRPC
SA-5973
Summary
A developer has a specific query following discussions with their infrastructure team. They are using Ping only as an interface between AD and PRPC. It is not a good practice to send hard-coded values for the organization structure parameters from the Identity Provider (IdP) to Pega. The query also concerns hardcoding pyOrganization, pyOrgDivision, and pyOrgUnit, and customizing the pySAMLWebSSOAuthenticationActivity activity.
Resolution
It is mandatory to pass the uid (userId) from the IdP to PRPC, and the recommended way is to also pass the parameters (pyOrganization, pyOrgDivision, pyOrgUnit) along with the uid from the IdP to PRPC. If you hardcode these values in the PRPC out-of-the-box (OOTB) activity, the same values will be used for a single user every time (which is not normally the case with SSO).
We would like to understand the rationale behind hardcoding the values in the out-of-the-box activity pySAMLWebSSOAuthenticationActivity in order to assist you further.
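One way to confirm that the IdP is sending what the resolution asks for is to inspect the attribute statement of a captured SAML assertion. The following is an added example, not Pega or Ping code; it assumes the IdP emits the attributes under the names uid, pyOrganization, pyOrgDivision and pyOrgUnit (the real names are whatever is mapped in your IdP), and the sample assertion is constructed.

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Assumption: attribute names as mapped in the IdP; adjust to your mapping.
REQUIRED = ("uid",)
RECOMMENDED = ("pyOrganization", "pyOrgDivision", "pyOrgUnit")

# Constructed sample: pyOrgUnit is deliberately absent.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="uid">
      <saml:AttributeValue>jdoe</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="pyOrganization">
      <saml:AttributeValue>ExampleOrg</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="pyOrgDivision">
      <saml:AttributeValue>Claims</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def read_attributes(assertion_xml):
    """Return {attribute name: [non-empty values]} from an assertion.

    Inspection only: signature and condition checks are the service
    provider's job, so run this on assertions that already passed them.
    """
    root = ET.fromstring(assertion_xml)
    attrs = {}
    path = ".//saml:AttributeStatement/saml:Attribute"
    for attr in root.iterfind(path, SAML_NS):
        values = [(v.text or "").strip()
                  for v in attr.iterfind("saml:AttributeValue", SAML_NS)]
        attrs.setdefault(attr.get("Name"), []).extend(v for v in values if v)
    return attrs


def check_assertion(assertion_xml):
    """Report missing or ambiguous (multi-valued) operator attributes."""
    attrs = read_attributes(assertion_xml)
    report = {
        "missing_required": [n for n in REQUIRED if not attrs.get(n)],
        "missing_recommended": [n for n in RECOMMENDED if not attrs.get(n)],
        "ambiguous": [n for n in REQUIRED + RECOMMENDED
                      if len(attrs.get(n, [])) > 1],
    }
    report["ok"] = not report["missing_required"] and not report["ambiguous"]
    return report
```

Running check_assertion on assertions captured for two different test users also shows whether the organization values vary per user or are effectively fixed for everyone.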
Published January 31, 2016 - Updated October 8, 2020