Skip to main content

We would like to switch from “Microsoft ADFS Single Sign On” to “Google SSO”.

We have concerns that this will wipe out history data on users or break locations for users and anything else that I might not be thinking about.

@JC1 Great question and I hope this helps: 

  1. Uninstalling the app will not remove Microsoft ADFS Single Sign On authenticated users from the system. However, it will also not remove the app as the authenticating source of information.
  2. Existing accounts can be switched over to a new authenticating source as long as we have a way to associate them with an account in that system. This generally entails us breaking the authentication association with the existing system on these accounts. Then, when a system sync is run with the new system (Google SSO in this case), the system should automatically match the existing iiQ account to the user record in the new system. However, this automation is done with an email match. If the emails differ we would need to discuss details further to determine how best to proceed.
  3. We have switched authenticating systems before as mentioned above. Generally, this is what is recommend for this process:
    1. First step would be to get all the user accounts ready in the new source system. Once this is completed, you will want to install the Google SSO, ensure all of your location and role mappings are set, and then only turn on update asset users. For this first phase it is important that the create user option is not turned on until we get the authentication switched over. If this option is turned on, then a new record will be created for all Google SSO accounts which will lead to a duplicate user issue that would require a bulk user merge to run on our end before we can continue.
    2. Next, you will need to reach out to the support team to let them know you are ready to begin transitioning over to a new authentication system. We recommend scheduling this in advance with the team and to aim for a Friday evening transition to minimize the impact this will have on your users during the process.
    3. We will then begin the switchover on our side. Once the authentication is switched over and a sync is run, we will check to ensure all accounts are matching with the Google SSO counterpart. Microsoft ADFS SSO will then be uninstalled by an Incident IQ admin. Once all checks are complete and Microsoft ADFS SSO is uninstalled you will be notified of the switchover success.
    4. At this point it would be okay for your to turn on user creation to bring over any accounts that were not in Microsoft ADFS SSO.
       

Reply


Terms & ConditionsCookie settings
Incident IQ logo

Incident IQ is a service management platform built for K-12 school districts, featuring asset management, help ticketing, facilities maintenance solutions, and more.

Corporate Headquarters:
750 Glenwood Ave SE, Suite 320
Atlanta, GA 30316