Configuring SSO login for Admin users in NERM

Shrikrishna_Saravanan · July 29, 2025, 8:54pm

Hi all,

I’ve configured SailPoint Identity Security Cloud (ISC) for SSO with Azure AD using SAML. The necessary claim values: NameID, email, name, and groups are being passed correctly in the SAML assertion.

However, when accessing the NERM app from the Solution Center as an Admin (the user is also part of a directory group mapped to the NERM Admin role), a new user account is created with assigned admin role under “System Users”, but only the login attribute (e.g., user1@onmicrosoft.com) is populated. The display name and email fields remain empty.

Additionally, I tried to pre-create the user via a manual import before the first sign-in, populating attributes like name, email, and login, and assigning the appropriate admin role via API. But as soon as the user signs in via SSO for the first time, the existing user object appears to get replaced with the new one keeping only the login field.

Am I missing a mapping or configuration step to ensure NERM pulls in and retains all user attributes from SailPoint ISC correctly?

Any guidance would be appreciated.
Thanks

coltonulmer · July 29, 2025, 9:04pm

Hi Shrikrishna,

Please review this post from a few weeks back to see if this answers your questions/resolve the issues:
NERM User Accounts - Info Clearing (Name, Email, Etc…) - Identity Security Cloud (ISC) / ISC Discussion and Questions - SailPoint Developer Community

Shrikrishna_Saravanan · July 31, 2025, 3:32pm

Hey colton,
After reviewing the above post I have some questions. My claims have the same name as mentioned and are being passed to SailPoint ISC properly (verified with Saml tracer).

On logging to the nerm dashboard, the display name and email attributes are not populated, only the login field shows up. Will Nerm not take in the claims attribute from ISC? Could it also be due to the namespace that is attached to the attributes on IDP?

coltonulmer · July 31, 2025, 4:33pm

Could you provide a screenshot of your SSO attribute mappings configured on the NERM system SSO settings?

Shrikrishna_Saravanan · July 31, 2025, 7:14pm

In my scenario I am using SailPoint acts as the IDP for NERM. Azure ad is the IDP for SailPoint. I am trying to accessing the NERM application from the Solution Center in ISC
.

system · September 29, 2025, 7:15pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
NERM User Accounts - Info Clearing (Name, Email, Etc...) ISC Discussion and Questions apis , identity-security-cloud , nerm	2	158	September 8, 2025
NERM - Mapping for System attribute - Login ISC Discussion and Questions identity-security-cloud , nerm	5	187	March 9, 2025
User Import in NERM ISC Discussion and Questions apis , aggregation , identity-security-cloud , provisioning , nerm	35	1427	July 23, 2024
NERM authentication: IdentityNow tenant requirement + SAML 2.0 PingOne IdP with group-to-role mapping ISC Discussion and Questions identity-security-cloud , nerm	3	38	January 28, 2026
SSO Configuration Issues with Okta + NERM Setup ISC Discussion and Questions identity-security-cloud , nerm	8	234	July 25, 2025

Configuring SSO login for Admin users in NERM

Related topics