Skip to Main Content

Share your product feedback

Status Shipped
Categories User management
Created by Paula Schaefer-Riley
Created on Jul 23, 2024

Additional Unique Identifier for JWT SSO

What is the challenge?

We frequently have users that move from one institution to the another. This means their records in Aha! do not match since they have the same email, and duplicate records are created.

What is the impact?

This could positively impact all clients using a JWT SSO configuration. This could help to solve the problem of merging Portal users so the impact could be greater than expected.

Describe your idea

The SAML login method incorporates a NameID, which is a unique identifier for a person. This identifier allows users to be matched upon login if an email address is updated.

Currently, the JWT login method matches on email address only, which creates duplicate records in Aha! for one person.

We are asking for a NameID (or similar field) to be added to the JWT SSO login process.

  • ADMIN RESPONSE
    Sep 27, 2024

    JWT SSO for ideas portals now supports the standard sub claim in the token. This is a unique identifier for the user, different from their email, and is optional but recommended.

  • Attach files