topic Stop any Users from login into AppDynamics SAML in Splunk AppDynamics

Stop any Users from login into AppDynamics SAML

Mohit_Gupta2 — Sun, 13 Mar 2022 09:13:29 GMT

Hi,

We have implemented SAML with ADFS. Now, we want to block a set of users from login into AppDynamics.

Since its SSO any user in domain is able to login as there has to be at least one default role mapped and AppDynamics has no option to show user that they are not authorized to login (When using SSO). For now, we have created a role with no permissions and mapped it with Default SAML group. How can we block particular set of users in domain from login into AppDynamics while continue to use SSO for the intended users.

Regards,

Mohit

Re: Stop any Users from login into AppDynamics SAML

Morelz — Mon, 14 Mar 2022 04:42:59 GMT

Hi Mohit

You can use the SAML Access Attribute option in the SAML Configuration page to manage access.

Create or use an attribute that would need to be set for users that are allowed to access AppDynamics

Ciao

Re: Stop any Users from login into AppDynamics SAML

Mohit_Gupta2 — Sat, 19 Mar 2022 06:40:15 GMT

Hi Mario,

Worked, we created a new attribute in ADFS and passing the value of a Security group there.

Now, we are checking if the user is part of our "AppDynamicsSaaS" security group if yes the user will be able to login if no user will get HTTP 400 error.

I wonder if there was a better screen to display instead of HTTP 400 error.

Regards,

Mohit