Skip to Main Content
Customer Ideas Portal

The Customer Ideas Portal gives you the opportunity to submit Ideas for new features and functions to add to the products and vote up existing ideas that are important to your organization.

Ideas that you create are viewable by other customers, so please be mindful of the details you include in the title and description.

Your feedback is important and valuable. Thank you for taking the time to provide it!

Note: Product bugs or configuration requests that are specific to your organization should be submitted through a case on the Customer Success Portal.

Status Will not implement
Created by Guest
Created on Jun 3, 2021

ClearSight Logging of significant SAML attributes upon successful SSO authentication

Right now, upon successful authentication, CS does not log all attributes of a SAML assertion (it does upon failure to app logs).


Some customers that use shared or anonymous IDs include the actual UUID of a user in other additional attributes that are mapped.

For security purposes I suggest logging the additional mapped attributes so that we have a link to determine which end user logged in using a shared ID.

I'm not sure exactly where it would be appropriate to log these, I did some thinking:

  • app logs are one possible area, but they are not reportable in the application to administrators.

  • record_user_login is probably a lot of work because it is populated by a DB-level trigger rather than by code, but an additional text column there could make some sense and just dump the tuples into it. Probably to do that, usrmast would have to have a last_login_Attribs added to it instead and then the trigger could capture that into record_user_login.

  • Attach files