What is the challenge? |
We frequently have users that move from one institution to the another. This means their records in Aha! do not match since they have the same email, and duplicate records are created. |
What is the impact? |
This could positively impact all clients using a JWT SSO configuration. This could help to solve the problem of merging Portal users so the impact could be greater than expected. |
Describe your idea |
The SAML login method incorporates a NameID, which is a unique identifier for a person. This identifier allows users to be matched upon login if an email address is updated. Currently, the JWT login method matches on email address only, which creates duplicate records in Aha! for one person. We are asking for a NameID (or similar field) to be added to the JWT SSO login process. |
JWT SSO for ideas portals now supports the standard sub claim in the token. This is a unique identifier for the user, different from their email, and is optional but recommended.