Maximo Open Forum

Hi All,

Am creatng users in manage v 8.7(not from Suite api)   using Rest API the MASUSERSYNC cron syncs user to the suite as a local by default saml is not getting enbaled as my system is saml authenticated and local authenticated both applies with authentication ( it shows under authentication tab of user management  in suite we are not using ldap)  but during user sync from manage to suite it only creates local user as default,Also I noticed MASISSUER attribute of MAXUSER of manage db  is appearing as local, Do i need to set parameter owner to default-saml in order to set the user authetication to SAML during syncing o user to suite besides the cron creates local user by default? 

The MASUSERSYNC cron task was enhanced with new parameters for tracking the owner & authentication method (issuer) but I don't remember what version exactly that was done in. If you don't see the cron task parameters for it, try to delete and recreate the cron task instance to see if it adds the new parameters. Cron task parameters are defined on creation of the cron task which is why recreating it can show the additional parameters.

Owner must be local or scim (all lowercase) and you want it to be local. SCIM means the user comes from LDAP sync or the SCIM sync process in newer versions. This drastically limits what you can modify on the user record since you're telling it that the integration manages the user account.

Issuer in your case would be saml. Your identity provider will be labeled as default-saml but this feature is looking for local, ldap, or saml only and will use the appropriate one based on that. It won't matter on your version, but in 9.0 MAS was enhanced to support multiple identity providers of the same type (IE two different SAML providers like Okta & Entra). For customers on 9.0, it can only send users to the default-saml. 9.1 and the upcoming 9.2 user management is entirely different.