Active Directory Integration / SAML

We are trying to set up Active Directory Single Sign On / SAML for Epicor Data Analytics (EDA). We followed these directions https://helpepicoranalytics.atlassian.net/wiki/spaces/userdoc/pages/819390/Enable+single+sign-on and feel that we set things up correctly. That is about the end of the documentation and as far as I got. Now I’m wondering how do we create accounts or give our domain users access to get into EDA? When I log in using my SSO, EDA takes me to the login screen. I don’t know how to move forward from here. Any help is appreciated.

I’ve found out that if you create a user account with the user name = the SSO uid then it should work. My user name is my work email address.

Now the question is can we auto provision through Azure?

I ran into this same issue today and found an alternate solution that you can implement from the Azure side. By default Azure is going to send the UID as the full user.userprincipalname including the @domain.com portion, i.e. dschrute@dundermifflinpaper.com. Under the User Attributes & Claims section you can edit the Unique User Identifier and modify the value Azure is going to send. If you set up Phocas/EDA with just the username prefix, for instance (dschrute), you can select the “ExtractMailPrefix()” and use the user.userprincipalname for the transformation.
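
A diagnostic for the user-name mismatch described in the posts above, as an added example that is not part of the original thread: it reads the NameID from a captured SAML response and reports whether an EDA user name matches the full UPN or only the mail prefix. The sample response, the user-name lists and the function names are constructed for illustration, and the script inspects the assertion without verifying its signature.

```python
import base64
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample: a minimal, unsigned SAML response carrying the default
# Azure identifier (full userPrincipalName) used as the example in the thread.
SAMPLE_XML = (
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    "<saml:Assertion><saml:Subject>"
    "<saml:NameID>dschrute@dundermifflinpaper.com</saml:NameID>"
    "</saml:Subject></saml:Assertion></samlp:Response>"
)
SAMPLE_RESPONSE = base64.b64encode(SAMPLE_XML.encode()).decode()


def name_id(saml_response_b64):
    """Return the NameID from a base64-encoded SAMLResponse (HTTP-POST binding).

    Diagnostic use on a response you captured yourself; no signature check.
    """
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    node = root.find(".//saml:Subject/saml:NameID", SAML_NS)
    if node is None or not (node.text or "").strip():
        raise ValueError("no NameID found in assertion")
    return node.text.strip()


def diagnose(saml_response_b64, eda_usernames):
    """Compare the identifier the IdP sends with the provisioned user names."""
    uid = name_id(saml_response_b64)
    prefix = uid.split("@", 1)[0]  # what ExtractMailPrefix() would send
    if uid in eda_usernames:
        return ("match", uid)
    # Assumption: case handling in EDA is not stated in the thread, so a
    # case-only difference is reported separately instead of as a match.
    by_lower = {u.lower(): u for u in eda_usernames}
    if uid.lower() in by_lower:
        return ("case-mismatch", by_lower[uid.lower()])
    if prefix in eda_usernames:
        # Account exists under the short name: either rename it to the UPN
        # or apply ExtractMailPrefix() to the Unique User Identifier claim.
        return ("prefix-only", prefix)
    return ("no-account", uid)


if __name__ == "__main__":
    print(diagnose(SAMPLE_RESPONSE, ["dschrute", "jhalpert"]))
```
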

Did you ever find out anything about auto provision from Azure?