Skip to content

Commit

Permalink
Add documentation for alias user handling during logon
Browse files Browse the repository at this point in the history
  • Loading branch information
adrianhoelzl-sap committed Sep 4, 2024
1 parent 95c43a6 commit 8b044e9
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion docs/UAA-Alias-Entities.md
Original file line number Diff line number Diff line change
Expand Up @@ -115,9 +115,13 @@ Please note that disabling the flag does not lead to existing entities with alia
In addition to enabling the alias feature, one must ensure that no groups can be created that would give users inside a
custom zone any authorizations in other zones (e.g., `zones.<zone ID>.admin`).
This can be achieved by using the allow list for groups (`userConfig.allowedGroups`) in the configuration of the
identity zone.
identity zone.

## User Logon

During logon, the information of the matching shadow user is updated with the information from the identity provider
(e.g., the ID token in the OpenID Connect flow).
If this shadow user has an alias, the updated properties are propagated to it.



Expand Down

0 comments on commit 8b044e9

Please sign in to comment.