Release Notes 02/08/2016: A Widget Improvement & the Introduction of SAML

  • 15
  • Announcement
  • Updated 4 months ago
With this release Get Satisfaction is now offering a new Single Sign On options for our customer communities! We also introduced a small change to our widgets and a couple of small bug fixes for widgets as well.


A Widget Improvement

On the Feedback Widgets, we received feedback that the language around selecting a topic category before posting was preventing users from posting in customer communities. Users thought that a category had to be selected in order to post from the widget, which is not the case. This language has now been updated to show that picking a category is optional.

Introduction of SAML

Security Assertion Markup Language (SAML) has been introduced as another Single Sign On (SSO) option for Get Satisaction communities. While many of our customers do use FastPass, we wanted to provide an additional option for those who wanted a different set up for Single Sign On.

It’s different than FastPass in that you don’t necessarily have to put Get Satisfaction specific code on your end and you don’t have to have your own internal system for managing users. Instead, you could use a service like Okta, OneLogin or even SalesForce. It can be used as one of your multiple login options or as the required login option for your community.

We are currently enabling SAML Single Sign On by request, so please comment here if you would like to have this added to your Get Satisfaction community.
More details about how to configure SAML Single Sign On for your community will be available shortly in our Education Center.
Photo of Tashina

Tashina, Community & Education Manager

  • 24,212 Points 20k badge 2x thumb

Posted 1 year ago

  • 15
Photo of Tina Gallant

Tina Gallant

  • 126 Points 100 badge 2x thumb
Good
Photo of Mark McCallister

Mark McCallister

  • 240 Points 100 badge 2x thumb
Can I get access to this for our community?
Photo of Mark McCallister

Mark McCallister

  • 240 Points 100 badge 2x thumb
Great. I've set it up, and we're able to authenticate users with it, but there app doesn't appear to provide a way to do custom field mapping. I think you need to add optional parameters for Email, Nick, Display name, First name, Last name, and Second email to your connector.
Photo of Josh King

Josh King, Sr. Engineer

  • 2,586 Points 2k badge 2x thumb
Since I don't have the ability to manage the connector I have made a request to see if these can be added. 
Photo of Josh King

Josh King, Sr. Engineer

  • 2,586 Points 2k badge 2x thumb
OneLogin has enabled custom attributes for our app.  I was able to set this up and verify that everything is working.


First I added the new fields to the user directory configuration.



Then I went to my user entry to fill in the values.



After that I had to add the fields to the mapping from the directory to the connector.



Finally I had to go to the Get Satisfaction SAML admin and for our special fields map the names that will be received from OneLogin.  These special fields are ones that are stored on specific records in our app and have meaning so that they show up when you view the user etc..  Any additional fields that don't match up in this configuration are free form and stored as a list on the user's record for the community and can only be seen in a few specific places such as when a moderator hovers over the user profile.  




Hope this helps and let me know if you run into any issues.
Photo of Mark McCallister

Mark McCallister

  • 240 Points 100 badge 2x thumb
Fantastic! This is working great. 

While I have your attention, do you plan to add any provisioning support in the future? Specifically, disabling users.

It would also be great to be able to set the user type in the SAML assertion.

Thank you putting this all together!
Photo of Josh King

Josh King, Sr. Engineer

  • 2,586 Points 2k badge 2x thumb
I don't forsee us adding ability to disable users users since that concept really doesn't exist in our application but I could see the case of setting a user type, or role, so that for example, they are no longer an employee but just a normal user.  If your community is public they could still participate like everyone else or if the community is private and, I believe they are no longer an employee they would not be able to access at all.  This currently isn't on our roadmap but I do recall it being brought up by one other customer.  I'll have to think about this more and see how feasible it is.
Photo of James

James

  • 122 Points 100 badge 2x thumb
Hi Tashina, we'd like to enable SAML for our community.
Photo of Josh King

Josh King, Sr. Engineer

  • 2,586 Points 2k badge 2x thumb
Hi James, I have enabled SAML for your account.  You can go to the SAML admin section to configure it and get the setup information for your IdP.  I'm the engineer who added SAML support so please let me know if you have any problems or questions.
Photo of James

James

  • 122 Points 100 badge 2x thumb
Fantastic, thanks!
Photo of Darin Dugan

Darin Dugan

  • 280 Points 250 badge 2x thumb
Please enable SAML for our community as well.
Photo of Tashina

Tashina, Community & Education Manager

  • 23,998 Points 20k badge 2x thumb
I can set that up for you Darin. To confirm, is /isu the correct community?
Photo of Darin Dugan

Darin Dugan

  • 280 Points 250 badge 2x thumb
Yes, that's correct, Tashina. Thanks!
Photo of Tashina

Tashina, Community & Education Manager

  • 23,998 Points 20k badge 2x thumb
No problem. It's now enabled.
Photo of Ian Chang

Ian Chang

  • 60 Points
Hi Team, Please enable SAML for our community. Thank you!