We use Okta for single sign-on, and all Okta accounts for internal users are sourced from Active Directory (domain = CORP). The user ID used by most of our SSO-enabled applications is Email Address.
I have created a User Directory Connector for our CORP AD domain with a filter to only synchronize users in the group 'Okta-Qlik-Users'. This is working fine and the accounts created in Qlik have a User ID equal to the Windows logon name (SAMAccountName).
We now want to use Okta SSO with Qlik Sense. I have followed the instructions for creating a virtual proxy to integrate with Okta and have tested it successfully. The problem is that when a user logs into Qlik using Okta SAML it creates another user account using their email address as the User ID and 'OKTA' as the User Directory.
Instead of creating a new account we would like to simply map the Okta SAML login to the user's existing AD account. Is there a way to do that?
We are having similar problem but with reverse item.
QMC and Virtual Proxies are set to use email address. But whenever User logins through okta authentication, account with SAMAccountName (short user ID) are being created. It use to work and only email address use to create, but after upgrading to Qliksense 2019 we started noticing that duplicate account with Short User ID are being created. I checked the configuration and it seems to be fine. Could you tell me if there is anything else I need to check.
QMC--> Pulls email address and CORP through ODBC SQL tables.
Virtual Proxy--> OKTA SAML
User ID: email
User directory : [CORP]
But accounts are created as followings
Anyway to getrid of 2nd duplicate account i.e UserID account.