Hi Pierre,
You are right, once you have SAML enabled the assumption is that all users will be SAML users when inviting them through the UI. If you raise a case and ask the support team to create a local user account, the DevOps team will be happy to oblige in creating a local account. You would use the non-SAML URL to authenticate as the local users, for example,
https://soar.domain.com.Be aware that the local user account must have a valid email address.
If you at some point want to "change" the local user to that of a SAML user, then go to
https://soar.domain.com/saml2/<alias> and once redirected to your IdP, authenticate as the local user and once the browser is redirected to SOAR, that user will now be a SAML user. Once a SAML user they remain that way unless a command is run against SOAR to remove that "flag" at which point the user can log in locally again.
------------------------------
BEN WILLIAMS
------------------------------
Original Message:
Sent: Thu June 17, 2021 09:09 AM
From: Pierre Dufresne
Subject: Creating a local user after enabling SAML authentication
Hi all,
In order to do some tests, we would like to create a new local user with the "old fashion way" by sending an email but we recently have enabled SAML authentication. When the email is sent, it contains a url to the saml authentication and not a personnalized url to which the user could respond and create his account with his email address.
So my question is: is it still possible to have "local" and "SAML" users at the same? If so, how can you create a "local" user after SAML has been activated?
Please note that we are using a SOAR cloud platform. Also, in the Organization Settings, the "Require SAML Authentication" parameter is "Off".
Thanks
------------------------------
Pierre Dufresne
------------------------------