DocuSign SSO issues on Dev environment.
Andrew Morgan
morgan at orst.edu
Wed Nov 30 18:00:16 EST 2016
On Wed, 30 Nov 2016, Cantor, Scott wrote:
> On 11/30/16, 5:33 PM, "users on behalf of Andrew Morgan"
> <users-bounces at shibboleth.net on behalf of morgan at orst.edu> wrote:
>>
>> What is wrong about this? Is that the wrong way for Docusign to
>> specify a persistent NameID?
>
> No, but I very seriously doubt they require one. Their platform remains
> 100% email-driven, that much I know for certain. So if they require a
> mail attribute, they certainly shouldn't require this.
You're not far off. We started our Docusign integration using one
sourceAttribute for the computed NameID (our OSU ID number), but we knew
we didn't want to use that attribute long-term. When I changed the
sourceAttribute to an internal IDM-generated attribute, I couldn't login
to Docusign because the email address conflicted.
However, I'm pretty sure in my testing that I was able to change the email
address released and have it update in Docusign (for the same NameID
value), so that's actually kinda nice.
Andy
More information about the users
mailing list