Managing SSO Users¶
SSO users need approval from a VECTR administrator before they can access VECTR. SSO users who log into VECTR for the first time will see a prompt (shown below) notifying them that an administrator will need to approve their account before they can log in.
Approving an SSO User¶
Any VECTR user with the ManageIAM policy can approve access requests from SSO users. To approve an SSO user:
- Log into VECTR as an admin or user with ManageIAM policy
- From the left navigation, go to Administration Access Management
Locate the SSO user to approve, they are distinguishable by a person icon
Click on the hamburger icon for the corresponding user, then click Approve
On the approval screen, verify that you are approving the correct user
- Select the groups the user should belong to
- Click Save
Federating User Local Account to SSO Account¶
You can federate a user account if you have a local user configured with permissions that you want carried over to an SSO User. This can be performed when a local account and SSO account share the same username.
Assume that a local account for Megan B exists: Once SSO has been configured, Megan B tries to log into VECTR and is awaiting approval.
From the left navigation, go to Administration Access Management
Locate the SSO user to approve and federate. You will notice a handshake icon next to the user.
Click on the hamburger icon for the corresponding user, then click Federate User
Take note of the actions that VECTR will perform on the federated user, click Federate User
Megan B's account will now be of type SSO