SingleSignOnLoginProcedure

 Show all Hide all

This procedure does not ship with the platform. Write your own and put its name in the SingleSignOnLoginProcedure setting.

This procedure is only used with single sign-on modes "Advanced Single Sign-On" and "Azure AD Advanced Single Sign-On." It is called each time a user logs in and serves to customize the user's account and permissions.

You are allowed to call SoftadminApi.User_InsertUpdate if you need to modify the user but you must not change the username or disable the user.

Active Directory

If the procedure is called for Active Directory based Advanced Single Sign-On then you will find the user's group memberships in a temp table with group names.

CREATE TABLE #AdGroup
(
	ADGroup varchar(8000)
);
Azure AD

If the procedure is called for Azure AD based Advanced Single Sign-On then you will find the user's group memberships and role memberships in temp tables with ids.

CREATE TABLE #AzureAdGroup
(
	AzureAdGroupId uniqueidentifier
)

CREATE TABLE #AzureAppRole
(
	AzureAppRoleId uniqueidentifier
)
Type: Stored procedure
Area of use: API

Parameters:

@UserId mandatory int
The user's id.
@TenantId optional uniqueidentifier
For Azure AD the tenant the user belongs to. For normal Active Directory the parameter is omitted.