Select the Web agent in question from the Ubisecure SSO Management application. Add the user's group in the Allowed To list. - Make sure the authentication method used by the user is enabled for the site where the user is located within Ubisecure SSO Management. See the "Site Methods" tab of site where the user is.
Make sure that the user is member of some of the groups specified in the Allowed To list. - Make sure that the authorization policy Single-Value Attribute constraint is met. If there is an attribute name listed under Single Value Attribute, login will not be possible if the authorization policy generates an attribute that has multiple values.
In the example below, the user must have only one phone number.
 - Make sure that the authorization policy Mandatory Attribute constraint is met. If there is an attribute name listed under Mandatory Attribute, login will not be possible if the authorization policy does not generate an attribute that has that name.
In the example below, the user must have at least one surname attribute.
|