cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
eh365
Regular Visitor

Authentication and contacts with multiple accounts

Hi,

We have a scenario where a lot of contacts is connected to multiple accounts. (N:1 between account and contact). 

We do not want to have this scenario when starting with portals. We want to keep the functionality related to filtering lists, security and creating new records close to the standard functionality where a contact is only connected to one account. (the contact should choose which account he/she should work with during sign in.) 

We will use external identity provider and we consider a solution where the user sign in to the portal/external identity and decide which account to work with based on a list of available accounts for the contact (this process will be outside the portal before the user is forwarded to the portal) If a contact is connected to 3 accounts we will create 3 alternative contacts, each mapped to only one account. Based on the account that the user selects during sign in we will forward the correct alternative contact (that is mapped to only that account) to the portal. We will use a custom claim in the token to tell the portal which contact this is. So the short question is: 
Insted of authenticate the contact based on username and email can we authenticate a user based on custom claim and email? 

 

1 ACCEPTED SOLUTION

Accepted Solutions

Hi @eh365 ,

Unfortunately, you cannot authenticate users based on the custom claim and email. I had similar scenario and my solution was next: user on external idp selected account they want to login with. Id of that account I receive as a claim and mapping that claim to a custom text field. Then sync plugin was searched for an account in our system using provided id and then set another custom lookup field with the found account. Then I based all of the security of the portal on that field. 

----------------------------------------------------
If you find this post helpful consider marking it as a solution to help others find it.

View solution in original post

2 REPLIES 2

Hi @eh365 ,

Unfortunately, you cannot authenticate users based on the custom claim and email. I had similar scenario and my solution was next: user on external idp selected account they want to login with. Id of that account I receive as a claim and mapping that claim to a custom text field. Then sync plugin was searched for an account in our system using provided id and then set another custom lookup field with the found account. Then I based all of the security of the portal on that field. 

----------------------------------------------------
If you find this post helpful consider marking it as a solution to help others find it.

Hi @OOlashyn,

Thank you. I think we will use this method to solve this case. Based on the info from the custom claim we can update the account in the parentcustomerid field on the contact. 

Helpful resources

Announcements
Carousel Community Blog

Check out the Community Blog

Read all about the most recent blogs in the community!

Carousel News & Announcements

What's New in the Community?

Check out the latest News & Events in the community!

Users online (16,379)