Customizing Operator Login Data Type

FlexNet Manager Suite 2023 R1 (On-Premises)

By default, in a single sign-on environment conforming to SAML 2.0, a SAML user logs in using an email address, or a SAML user name. The identity provider then passes a property to FlexNet Manager Suite that allows look-up of the operator to identify which roles are applicable, and so on.

In FlexNet Manager Suite, the received property value is matched against the OperatorLogin column of the ComplianceOperator table in the compliance database.

Some enterprises require that the identity provider uses a different property (such as an employee number) to authorize use of the service provider (in this case, FlexNet Manager Suite) by the operator. At a high level, the following steps are required to allow the use of a custom identifier.

To customize the property for operator login using SAML 2.0:

  1. Ensure that the identity provider stores the necessary property (such as employee number) for each authorized account.
    The details for this configuration depend on your chosen identity provider.
  2. Configure the identity provider to return the required value in a custom property, for which you set a custom property name (for example, EmpNo).
  3. Ensure that the required values (in this case, the employee numbers) are also saved in the OperatorLogin column of the ComplianceOperator table of the compliance database for FlexNet Manager Suite.

    Individually, these values can be entered in the Account field of the Account Properties page of the web interface (navigate to the system menu ( in the top right corner) > Accounts > Create an account).

  4. Within the web.config file for the web application server of FlexNet Manager Suite, in the signOn element, update the authenticationLogin attribute with the name of the custom property to receive from the identity provider (in this example, EmpNo).
When configuration is complete, the following scenario applies:
  • Operator Sam successfully logs in using your preferred SAML 2.0 single sign-on tool (for example, Okta).
  • The tool (Okta) looks up Sam's employee number, and returns it to FlexNet Manager Suite as the value for the agreed custom property (such as EmpNo=135798642).
  • FlexNet Manager Suite looks for this value in ComplianceOperator.OperatorLogin.
  • Finding a match, FlexNet Manager Suite grants Sam access with access rights determined by the roles of which she is a member.

FlexNet Manager Suite (On-Premises)

2023 R1