User transformation configuration hints

There are many processes in Airlock IAM (e.g. a login process) starting with a username. To maximize flexibility, username transformation can be configured separately in different places.

The following configuration entry points allow to configure username transformation (newer IAM versions or deployments containing custom code or additional modules may offer more):

Module

Configuration Entry Point

Used to transform usernames when ...

Loginapp

Loginapp >> Applications and Authentication >> a target application >> Authentication Flow

... authenticating end-users Loginapp REST API.

Loginapp

Loginapp >> SAML Settings >> SAML 2.0 Service Providers

... authenticating end-users via SAML 2.0 (IAM as service provider)

Loginapp

Loginapp >> One-Shot Authentication >> a target application configuration

... extracting credentials from HTTP requests in "one-shot" authentication.

Service container

Service Container >> RADIUS Service

... authenticating end-users via RADIUS (IAM as RADIUS server).

Transaction approval

Transaction Approval >> Transaction Approval Flow

... approving transactions for end-users.

Adminapp

Adminapp >> REST API Configuration

... determining end-users in REST resources of the Adminapp REST API.