In our IDN environment there are two identity profiles one for admins which is flat file source and other identity profile is from the authoritative source.
As for identity profiles uid value is different it creates separate identities. There are some users which have identity from the both identity profiles and have same work email value.
For example - userA has identity from idn-admin profile as userA.admin. While from auth source IDP, user has identity userA.normalIdentity but both identity has same work email value.
There are other sources configured and which has a work email as the only correlation attribute available. So as given in above example, if userA has any account on such sources then it will not corelate because IDN finds 2 identities having same email value.
How such situation can be handled? I am thinking to add one more identity attribute in the auth IDP having same value as email and use that for the correlation. Any better way than this ?
Is there a reason you are maintaining 2 separate identities for User A?
Would you not want to correlate the account from IDP with the identity from Admins Profile?
Hi Nitesh, Auth source has pass through configuration in the Identity Profile while admin Identity Profile is flat file based and identity from admin profile has admin access, which can log in using identity password. Having only auth source identity profile will impact log in ability in case of emergency. That’s why maintaining separate identity Profile
When we create a Office365 email account, it creates additional proxyaddresses which can be used for email communication. Ex: [email protected] and arjun.sengupta@onmicrosoft… . Try sending email to the other proxyaddress and see if it works.
You can use the other email (onmicrosoft…) configure email id for the admin profile.