There are many processes in Airlock IAM (e.g. a login process) starting with a username. To maximize flexibility, username transformation can be configured separately in different places.
The following configuration entry points allow to configure username transformation (newer IAM versions or deployments containing custom code or additional modules may offer more):
Module | Configuration Entry Point | Used to transform usernames when ... |
---|---|---|
Loginapp | Loginapp >> Applications and Authentication >> a target application >> Authentication Flow | ... authenticating end-users Loginapp REST API. |
Loginapp | Loginapp >> SAML Settings >> SAML 2.0 Service Providers | ... authenticating end-users via SAML 2.0 (IAM as service provider) |
Loginapp | Loginapp >> One-Shot Authentication >> a target application configuration | ... extracting credentials from HTTP requests in "one-shot" authentication. |
Service container | Service Container >> RADIUS Service | ... authenticating end-users via RADIUS (IAM as RADIUS server). |
Transaction approval | Transaction Approval >> Transaction Approval Flow | ... approving transactions for end-users. |
Adminapp | Adminapp >> REST API Configuration | ... determining end-users in REST resources of the Adminapp REST API. |