cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SAML configuration

vpasinelli
Participant

We added a new SAML configuration by integrating one of our company domains with Okta. However, we need a particular address excluded. Is it possible?

1 REPLY 1

Blazej_dt
Dynatrace Enthusiast
Dynatrace Enthusiast

Hi @vpasinelli ,

The foundation of SAML federation is to delegate the authentication and authorization management to the external IDP (e.g. customer's Okta). If some particular user from configured and verified in Dynatrace domain should not be allowed to access Dynatrace, the user can be, e.g. removed from application or groups allowing the access on IDP side. In the worse scenario, if user is able to sign in via external IDP, this user might be created based on JIT provisioning, but without access to any resources, if it wasn't explicitly granted by account admin.

Featured Posts