Release Reference Number: LRN-99952
Please explain how LMS APIs will work for "functional" IDs that can't authenticate through our IDP/SSO.
Currently, when we have a business team that wants to use an LMS API, we create a user/admin for their process within the LMS, generate a client secret within the LMS, and they use that user and secret to call the token server. It's very simple, and takes about 2 minutes for our LMS system admin (who is NOT a developer) to set up, and provide the credentials to the requesting business team (who has developers who create the solution using the published APIs).
It looks like the new process will be:
- Register the application in SF (BizX, not in the LMS module)
- Obtain a SAML assertion from somewhere? The document says that it can come from IAS (but doesn't specify how to obtain one in IAS) or from our corporate IDP.
- Use that SAML assertion to request a token
Step 2 is the part that needs to be clarified. These users don't exist in our corporate IDP, and although the IDP has the ability to create a functional user account, this is a pretty involved process that would be a large burden both on our LMS admin, as well as on the business teams who are developing integrations to the LMS.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.