User accounts set up with SAML must be removed manually when they are removed from Azure sync, because the user management does not currently sync with the directory or SAML IDP. ControlUp is looking into deeper integration in the future, with the possibility of adding a public API for user management. The ability to integrate with Entra ID is also under consideration.
Read the entire ‘Manually Removing User Accounts Set up with SAML in ControlUp Platform’ thread below:
Do user accounts that are set up with SAML need to be removed manually when removed from Azure sync?
Is this a DEX platform question? Or maybe Solve?
But either way, I think the answer is yes. There’s currently no sync between your directory/SAML IDP and our user management, so there’s no way for us to know if the user exists or not.
I believe we are looking into some deeper integration in the future, but maybe @member can comment on that if that would change things
DEX
But thank you.
I think the idea is that having a list of users in DEX is irrelevant. Because they can’t get in unless your IDP says they can get in. Which it won’t because the account no longer exists.
Hi @member
@member and @member are correct as always 🙂
Furthermore, next year we will introduce a public API for user management and add the ability to do full integration with IDPs (starting with Entra ID).
I don’t disagree that there is not necessarily an unauthorized access risk, but having a list of users in your app that no longer exist is also not best practice. Being able to clean things up would be nice.
Nice, can’t wait.