Solved: Re: Query regarding SSO fallback access on tenant

rswarnka · ‎09 Mar 2020

We are required to have SSO access federation for our Dynatrace SaaS tenant.

However, the fallback user account pre-requisite states that it is only feasible to have such access to the email id on a different domain.

Procuring such email ids on a different domain is not feasible as per the organizational standards. Can you please suggest how to mitigate this impediment?

skrystosik · ‎09 Mar 2020

I think you may need to open support ticket and post product IDEA. If this is not supported to use the same domain, it may be problematic to handle such case.

Sebastian

Regards, Sebastian

rswarnka · ‎11 Mar 2020

Hmm, may be we could have some mechanism like access keys for such access.

larry_roberts · ‎09 Mar 2020

We ran into the same thing when SSO was released. We ended up making an exception and using a gmail account created specifically for this with a very long and random password that we store in our key vault.

I completely agree this is not ideal, but it is one way around it. I would highly recommend creating an RFE on this. I see no reason that is obvious as to why something could not be added to the account configuration page to supply a single email even on the same domain as a backup.

Thanks!

rswarnka · ‎11 Mar 2020

Unfortunately, due to constraints on account access, I cannot test such configuration.

Thanks for suggestions Larry !