Saturday, February 16, 2019

SAML Roles and Permissions FAQ

Here is a list of the frequently asked questions when a user logs in using a SAML-enabled role:

Q: I just finished my SAML setup. However, when invoking the URL for initiating SAML SSO, I got an error saying: A role with SAML permission is required. What does it mean?
A: To successfully log in via SAML, you have to set up a new role with the 'SAML Single Sign On' permission. Please see Solution Article: "Solving SAML login error: A role with SAML permission is required." (ID: 29355)

Q: Is adding a role for the user needed for them to sign in through SAML?
A: Yes, it's needed. If they don't have a role that has the SAML Single Sign On permission, they won't be able to log in through SAML.

Q: I just logged in through SAML. How come I could not see some menus that I was able to see before?
A: When you log in through SAML, you will be taken to your role with the SAML Single Sign On permission. This role is entirely different from the role that you see when you log in via the NetSuite User Interface. To see those menus again, you'd need to log in to NetSuite with your username and password. Another option is to have those permissions added to your SAML role so that you'd see them again.

Q: After logging in through SAML, I tried to switch roles, but my other roles are gone. What should I do?
A: One limitation when logging in via SAML is that you can't switch to a non-SAML role. This is for security reasons: it prevents a user who authenticated through a third party from using a non-SAML role that might have greater permissions. To access your non-SAML role, you have to log in again with your login credentials. Nevertheless, you will still be able to switch to your other roles even if you logged in via SAML, as long as those roles have the SAML Single Sign On permission enabled.

Q: I logged in through SAML with a role that has 'Full' permission for 'Employees'. However, when I tried to edit an employee I got an error saying "For security reasons, only an administrator is allowed to edit an administrator record." What should I do?
A: There are some pages that only the Administrator can access. In such cases, you would need to log in again with your Administrator role by going back to the NetSuite login page and entering your login credentials. Note, however, that you will still be able to create new employees and edit the employees that you created using the SAML role. You just don't have permission to edit the existing ones.

For more information about adding the SAML Single Sign On permission and the limitations of the SAML role, please view Solution ID: 24485.
