SAML external identity provider (IDP) - Symantec App Center enterprise support solutions
This topic compiles links to all Symantec App Center content relating to using SAML as the external identity provider.
Symantec App Center supports using the Security Assertion Markup Language (SAML) protocol to act as an external IDP. App Center can use the SAML server to authenticate users to access the Symantec App Center Admin Console, the End-User Portal, the App Center App, and any wrapped apps that require authentication. SAML provides web-based authentication and authorization and single sign-on (SSO) capabilities. When you configure App Center to use SAML, App Center acts as a service provider. The user connects to App Center. App Center causes the user's browser or native app to redirect to the SAML server. Once the SAML server has authenticated the user, the server forwards the user back to App Center. This whole process is transparent to the user.
For the Enterprise support solutions topic for the App Center / Symantec O₃ integration, go to the following URL:
Administrator Group Permissions removed after SAML Email mapping changed
What to do when SAML authentication is configured and the "Email Attribute" mapping is changed to a value other than "EMailAddress", and any account who is a member of the Administrators group has their administrator permissions removed\revoked. The end result is that a user in the Administrators group has access to the End-User Portal only.